My DomAdmin account locks every 3-5 minutes

I can't seem to find out why my Account keeps getting locked.  I know it's because failed password attempts.  I used the LockoutStatus tool and in the ORIG field it says DC1 which is my PDC.   I checked all the services and don't see any that are using this account.  This is a brand new domain built within just the past few weeks, not sure how long this has been going on but it became an issue in the last couple days.

I looked in the event log but I don't really see anything.

How can I find out what is causing this?

--- all servers are 2008r2 with all updates
Dwight CraneIT ManagerAsked:
Who is Participating?
 
vmaganConnect With a Mentor Commented:
enable login auditing on the server. What version of server?

is this the lockout tool that you used?

Account Lockout and Management Tools
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=18465
0
 
Dwight CraneIT ManagerAuthor Commented:
Yes that is the tool I used. Ok I turned on that logging then went into the security logs.  I think I may have found the issue. We added a new Stor server 3 days ago and that seems to be the IP its pointing to. with KRBTGT Pre Auth failures

I will disable this for now and see if it makes a difference... Thanks
0
 
vmaganCommented:
Yup glad the logging events helped. Keep us posted with results.

Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.