Solved

User accounts locked after DC rebooted.

Posted on 2013-01-24
5
331 Views
Last Modified: 2013-01-30
Our office 2008 domain has 2 domain controllers on it. I needed to reboot one of them and since then users are reporting that their accounts are locked. Sure enough, in AD the option 'Unlock Account' is active but if I select it and ht Apply nothing happens.

Any idea why this has happened i.e. is there something wrong with my AD setup?

Thanks
0
Comment
Question by:funasset
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 17

Expert Comment

by:Nik
ID: 38813897
When you clicked on the box and clicked apply, user was unlocked even though nothing happened.
If you close the object properties and open it again, you will see that the user is not locked anymore.

Why those users were locked out, I really can't tell. Any info in the event viewer?
0
 

Author Comment

by:funasset
ID: 38813972
That didn't appear to be the case I'm afraid.  The domain controller I rebooted just has a couple of entries in the App log stating -

The winlogon notification subscriber <GPClient> took XX seconds to handle the notification event (CreateSession).

How can rebooting a server cause all accounts to lockout??
0
 
LVL 17

Expert Comment

by:Nik
ID: 38814257
I have never heard about this issue before. I will try to investigate more...
0
 

Accepted Solution

by:
funasset earned 0 total points
ID: 38818203
I'm not sure what actually cleared the problem as it was a bit of a panic job! I restarted both my DCs which included a reboot of the DNS services, flushed DNS caches all over the place and all of a sudden it just decided to play nicely. Thanks Windows.
0
 

Author Closing Comment

by:funasset
ID: 38834490
See previous update.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question