Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 293
  • Last Modified:

my AD accounts keeps locking up!

hi experts,

 I changed my domain password about 3 weeks ago and every since then my AD account keeps locking up. I have an iphone with exchange email setup and I RDC to multiple servers. I've checked all of them and have signed off just to make sure there are no cache credentials. but it continues to lock out. What do I need to do or where do I need to look ?
0
frankbustos
Asked:
frankbustos
1 Solution
 
Mike KlineCommented:
Sounds like there is a service or app on a box somewhere still using that old PW.  Go through the article below (with links to Microsoft tools that can help track it down)

http://blogs.technet.com/b/instan/archive/2009/09/01/troubleshooting-account-lockout-the-pss-way.aspx

Is it just happening to your account that you changed the PW on?

Thanks

Mike
0
 
Tony MassaCommented:
Use lockoutstatus.exe - This will give you the DC that locked out your account.  Then check the security event viewer for your user ID and find the failed logons.  This will give you the IP address of the host sending a bad username/password.  Then check the host sending the bad username/password and it will give you the process ID (application) sending the bad password.

You will have to enable failed account logon events to get this info.  Make sure that you are checking the "Credential Manager" (Windows 7) for stored userID/passwords
http://windows.microsoft.com/is-IS/windows7/What-is-Credential-Manager
0
 
AmericomCommented:
check the event logs of each of your domain controller, there should be event that shows you the machine was locking from. This usually has to do with session left disconnected but still running with old password. Other are service or task configured with old password needs to be updated. Or even mapped drives with old password etc.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
AmericomCommented:
0
 
RafaZamoraCommented:
Hi
In the event Viewer of the DC filter de security events with the id 644. you find who host is tried to connect with your old credentials.
If you have two or more local Domain Controllers you need to check all of them
Best Regards
0
 
frankbustosAuthor Commented:
thanks!
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now