I encounter dozens user’s accounts were locked after they changed their password based on our domain account policy. I found the reason is that users changed their password on their current desktop or laptop only. They have not changed their password on their account related devices, like smart phone (using webmail), instrument machine (which is login with the user account), network drives (which are mapped with the use account).
Is there any tools or scripts I can take to easily trace the source of machine and session which causes the user’s account locked?
I use Windows server 2003 AD environment.
Thanks in advance.