Solved

User accounts locked after DC rebooted.

Posted on 2013-01-24
5
330 Views
Last Modified: 2013-01-30
Our office 2008 domain has 2 domain controllers on it. I needed to reboot one of them and since then users are reporting that their accounts are locked. Sure enough, in AD the option 'Unlock Account' is active but if I select it and ht Apply nothing happens.

Any idea why this has happened i.e. is there something wrong with my AD setup?

Thanks
0
Comment
Question by:funasset
  • 3
  • 2
5 Comments
 
LVL 17

Expert Comment

by:Nik
ID: 38813897
When you clicked on the box and clicked apply, user was unlocked even though nothing happened.
If you close the object properties and open it again, you will see that the user is not locked anymore.

Why those users were locked out, I really can't tell. Any info in the event viewer?
0
 

Author Comment

by:funasset
ID: 38813972
That didn't appear to be the case I'm afraid.  The domain controller I rebooted just has a couple of entries in the App log stating -

The winlogon notification subscriber <GPClient> took XX seconds to handle the notification event (CreateSession).

How can rebooting a server cause all accounts to lockout??
0
 
LVL 17

Expert Comment

by:Nik
ID: 38814257
I have never heard about this issue before. I will try to investigate more...
0
 

Accepted Solution

by:
funasset earned 0 total points
ID: 38818203
I'm not sure what actually cleared the problem as it was a bit of a panic job! I restarted both my DCs which included a reboot of the DNS services, flushed DNS caches all over the place and all of a sudden it just decided to play nicely. Thanks Windows.
0
 

Author Closing Comment

by:funasset
ID: 38834490
See previous update.
0

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…

680 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question