Solved

my AD accounts keeps locking up!

Posted on 2013-01-29
6
286 Views
Last Modified: 2013-01-30
hi experts,

 I changed my domain password about 3 weeks ago and every since then my AD account keeps locking up. I have an iphone with exchange email setup and I RDC to multiple servers. I've checked all of them and have signed off just to make sure there are no cache credentials. but it continues to lock out. What do I need to do or where do I need to look ?
0
Comment
Question by:frankbustos
6 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 38831915
Sounds like there is a service or app on a box somewhere still using that old PW.  Go through the article below (with links to Microsoft tools that can help track it down)

http://blogs.technet.com/b/instan/archive/2009/09/01/troubleshooting-account-lockout-the-pss-way.aspx

Is it just happening to your account that you changed the PW on?

Thanks

Mike
0
 
LVL 17

Accepted Solution

by:
Tony Massa earned 500 total points
ID: 38831919
Use lockoutstatus.exe - This will give you the DC that locked out your account.  Then check the security event viewer for your user ID and find the failed logons.  This will give you the IP address of the host sending a bad username/password.  Then check the host sending the bad username/password and it will give you the process ID (application) sending the bad password.

You will have to enable failed account logon events to get this info.  Make sure that you are checking the "Credential Manager" (Windows 7) for stored userID/passwords
http://windows.microsoft.com/is-IS/windows7/What-is-Credential-Manager
0
 
LVL 18

Expert Comment

by:Americom
ID: 38831920
check the event logs of each of your domain controller, there should be event that shows you the machine was locking from. This usually has to do with session left disconnected but still running with old password. Other are service or task configured with old password needs to be updated. Or even mapped drives with old password etc.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 18

Expert Comment

by:Americom
ID: 38831941
0
 

Expert Comment

by:RafaZamora
ID: 38833309
Hi
In the event Viewer of the DC filter de security events with the id 644. you find who host is tried to connect with your old credentials.
If you have two or more local Domain Controllers you need to check all of them
Best Regards
0
 

Author Closing Comment

by:frankbustos
ID: 38837176
thanks!
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question