Local account on Windows 2003 getting locked
I have a windows 2003 server that runs a 3rd party application. This 3rd party application installs 2 local accounts on this server and sets a default password.
We recently had to change the password on these two local accounts.There are many appliances on the network that use these two accounts to interface with the 3rd party application.
Since the change, we are having problems with these two local accounts getting locked.
We have made password updates in several places but the passwords keep getting locked.
I see evidence of password failures in the security event log but how can I track down the devices that are still using the old password?
We recently had to change the password on these two local accounts.There are many appliances on the network that use these two accounts to interface with the 3rd party application.
Since the change, we are having problems with these two local accounts getting locked.
We have made password updates in several places but the passwords keep getting locked.
I see evidence of password failures in the security event log but how can I track down the devices that are still using the old password?
AustinComputerLabs
Are any services relating to the SW using those accounts to authenticate?
Use lockoutstatus tool to find out which DC accoutn was locked on. From the DC that the user account was locked search the security logs which will tell you the host.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=D1A5ED1D-CD55-4829-A189-99515B0E90F7
http://support.microsoft.com/kb/824209
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=D1A5ED1D-CD55-4829-A189-99515B0E90F7
http://support.microsoft.com/kb/824209
ASKER
There are no services that run on the server that use either of these 2 local accounts.
It appears that the lockoutstatus tool only works on AD accounts; when I try to query on a local computer account, where I point to the server (which is not a domain controller), the query fails to provides any information.
It appears that the lockoutstatus tool only works on AD accounts; when I try to query on a local computer account, where I point to the server (which is not a domain controller), the query fails to provides any information.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I was able to resolve the issue by using the security event log and the system event log. I also checked the local account policy and it was set to 10 bad passwords and then it would lock out.