We help IT Professionals succeed at work.

Windows user Account getting locked at random

We have a user account which gets locked at random. finding it hard to figure out whats causing this issue.
We kept the computer shut and its still locking the account.  we created the user profile on the local pc, re added the outlook account still the same.

seems like a invalid password is been used by some application on a different pc. is there any way to trace this application or the pc which sending the bad credentials?

we are on win2003 server AD enviroment with win 2008 servers and winxp and win7 pcs.
I checked windows log tracing tool which was hopeless. cant trace anything on even log either.

much appreciated.
Watch Question

Paul MacDonaldDirector, Information Systems

There may be something in the Event logs on the DC.  Don't overlook home machines and/or smart phones that may be set up to check for mail automatically.  Also, it's possible someone knows the username but not the password and is trying to log in from outside and locking the account that way.

Look through the Event logs on the server to find the failed logon attempts and see where they are coming from.
download Account lockout manager from netwrix free 30 day trial

and also MS account lockout status , these two will help give more info to find whats happening.
SandeepSr System Administrator

I would search first in AL Tools from which DC Account has locked out. Then on DC I will do search for the User ID in Security Logs. There you can get hint from where the bad password has been attempted Machine IP or Hostname. On that particular system do the Checks as below URL

FleetechSenior Programmer


It was a Printer that had the wrong credentials.  Now as Administrators we have to check not only mobile devices and webmail.Network Printers too. Thanks

Explore More ContentExplore courses, solutions, and other research materials related to this topic.