Active Directory

James
James used Ask the Experts™
on
Hi Experts Exchange,

Is there a way of finding out in AD the last time a user account was locked other than the system log files on the DC?

Thank you.


Kind regards,

JBond2010
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
For W2K8, you can use Active Directory Administrative Center.
You can check in the attributes of the user.
Note- for getting the attribute tab you have to browse to the ou and double click on the user account.
you will not see attribute tab if you search for the user.

http://ldapwiki.willeke.com/wiki/Active%20Directory%20Locked%20Accounts
You can use Microsoft Lockout status tool for getting the information when the User account got locked (Date and time).

Apart from this you will also get information like on which DC the account got locked , How many bad passwords, AD site, Etc.

This is very helpful tool. Using this we can check what is the computer account from which computer account is getting locked

You can download the tool from below link.

http://www.microsoft.com/download/en/details.aspx?id=15201

Troubleshooting Active directory Lockout Issue.

http://msexchangeguru.com/2012/03/08/ad-lockout/

Regards,

_Prashant_
OWASP: Forgery and Phishing

Learn the techniques to avoid forgery and phishing attacks and the types of attacks an application or network may face.

JamesSenior Cloud Infrastructure Engineer

Author

Commented:
Thank you for your comments.


Kind regards,

JBond2010
JamesSenior Cloud Infrastructure Engineer

Author

Commented:
This was very helpfull.

Thank you.
You are welcome

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial