One user keeps getting locked out of his AD account forcing unlocks and password resets.
I have a user who has logged 8 calls over a 4 week period reporting the following;
"can't logon, saying account is locked" - Acc is unlocked and PW reset
"Account OK for 2-3 hours but then locks again" - Acc is unlocked and PW reset
"User Account locked out" - Acc is unlocked and PW reset
etc etc
I have checked GPO to ensure nothing has been configured for the individual but I just need to know if there is anything I should be checking on the individuals account settings/profile/etc that would cause this to happen.
"can't logon, saying account is locked" - Acc is unlocked and PW reset
"Account OK for 2-3 hours but then locks again" - Acc is unlocked and PW reset
"User Account locked out" - Acc is unlocked and PW reset
etc etc
I have checked GPO to ensure nothing has been configured for the individual but I just need to know if there is anything I should be checking on the individuals account settings/profile/etc that would cause this to happen.
Joseph Moody
Check out the Microsoft Account Lockout Toolkit
I'd possibly begin by reviewing the DC event logs for this user to see where the account's being locked from (what PC/ source IP address) and then seeing if it's a service/ scheduled task etc that's running as this user.
Or something web based that's cached his previous credentials and failing to refresh (ie OWA etc). Could be worth therefore clearing all his Internet password cache.
Or something web based that's cached his previous credentials and failing to refresh (ie OWA etc). Could be worth therefore clearing all his Internet password cache.
Check for any scheduled tasks the user has setup with a password it may be a old password.
Check this out, It will allow you to see the lockouts as they happen. I think you can also install something on the users machine so you can see if they are locking themselves out.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=D1A5ED1D-CD55-4829-A189-99515B0E90F7
Check this out, It will allow you to see the lockouts as they happen. I think you can also install something on the users machine so you can see if they are locking themselves out.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=D1A5ED1D-CD55-4829-A189-99515B0E90F7
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This happend to me all the time. The user has logged in somewhere else and the computer is locked under that users account.
Do a search for an app called "Locate user". This will tell you which computers the user is currently logged in on.
Do a search for an app called "Locate user". This will tell you which computers the user is currently logged in on.
ASKER
Parts of tis advice as helped me investiate and partially esolve the issue along with other help and advice, very much appreciated. Thanks