Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

My DomAdmin account locks every 3-5 minutes

Posted on 2012-03-14
3
Medium Priority
?
318 Views
Last Modified: 2012-03-15
I can't seem to find out why my Account keeps getting locked.  I know it's because failed password attempts.  I used the LockoutStatus tool and in the ORIG field it says DC1 which is my PDC.   I checked all the services and don't see any that are using this account.  This is a brand new domain built within just the past few weeks, not sure how long this has been going on but it became an issue in the last couple days.

I looked in the event log but I don't really see anything.

How can I find out what is causing this?

--- all servers are 2008r2 with all updates
0
Comment
Question by:MushroomStamp
  • 2
3 Comments
 
LVL 6

Accepted Solution

by:
vmagan earned 2000 total points
ID: 37723147
enable login auditing on the server. What version of server?

is this the lockout tool that you used?

Account Lockout and Management Tools
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=18465
0
 

Author Comment

by:MushroomStamp
ID: 37723191
Yes that is the tool I used. Ok I turned on that logging then went into the security logs.  I think I may have found the issue. We added a new Stor server 3 days ago and that seems to be the IP its pointing to. with KRBTGT Pre Auth failures

I will disable this for now and see if it makes a difference... Thanks
0
 
LVL 6

Expert Comment

by:vmagan
ID: 37723266
Yup glad the logging events helped. Keep us posted with results.

Thanks
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
Sometimes it necessary to set special permissions on user objects.  For instance when using a Blackberry server, the SendAs permission needs to be set. I see many admins struggle with the setting that permission only to see it disappear within a few…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question