Solved

Windows 2003 AD and ADC/Most of the user accounts are  keeps being locked out randomly.

Posted on 2011-03-15
3
271 Views
Last Modified: 2012-05-11
I have a  Windows 2003 AD and ADC.Most of the user accounts are  keeps being locked out randomly.
I found con-flicker virus on the network . I believe may be because of this or   any service / application that is trying to automatically authenticate against Active Directory with user accounst.

What will be the best way to find out where the service / application /computer/virus is running that is  trying to authenticate with my account; since its a network with 500 users.

We are using forefront client security as antivirus.
Regards
Jenu Rai

Thank you
0
Comment
Question by:emtechadmin
3 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 35140614
You can start with the steps here  

http://blogs.technet.com/b/instan/archive/2009/09/01/troubleshooting-account-lockout-the-pss-way.aspx

That will give you a link to the account troubleshooting tools

In this case you have already have the culprit though (Conficker)  When there are random unexplained lockouts in mass it is almost always conficker (at least for the last few years)

Keep doing your best to get rid of that.

Thanks

Mike
0
 
LVL 11

Accepted Solution

by:
RickSheikh earned 500 total points
ID: 35141296
And if your goal is to enumerate all the services you have running on all your servers and see where an account might be configured with your account instead.

One way you can accomplish this is via a PowerShell script using the WMI - that startname property tells you what account a service is configured with.

 C:\PS>get-service -name winrm -computername localhost, Server01, Server02  | format-table -property MachineName, Status, Startname, Name, DisplayName -auto

You would probably want to pass the server list as in get-service (gc servers.txt) .........

0
 
LVL 1

Author Closing Comment

by:emtechadmin
ID: 35736943
Partially supported
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Synchronize a new Active Directory domain with an existing Office 365 tenant
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question