Solved

my AD accounts keeps locking up!

Posted on 2013-01-29
6
291 Views
Last Modified: 2013-01-30
hi experts,

 I changed my domain password about 3 weeks ago and every since then my AD account keeps locking up. I have an iphone with exchange email setup and I RDC to multiple servers. I've checked all of them and have signed off just to make sure there are no cache credentials. but it continues to lock out. What do I need to do or where do I need to look ?
0
Comment
Question by:frankbustos
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 38831915
Sounds like there is a service or app on a box somewhere still using that old PW.  Go through the article below (with links to Microsoft tools that can help track it down)

http://blogs.technet.com/b/instan/archive/2009/09/01/troubleshooting-account-lockout-the-pss-way.aspx

Is it just happening to your account that you changed the PW on?

Thanks

Mike
0
 
LVL 17

Accepted Solution

by:
Tony Massa earned 500 total points
ID: 38831919
Use lockoutstatus.exe - This will give you the DC that locked out your account.  Then check the security event viewer for your user ID and find the failed logons.  This will give you the IP address of the host sending a bad username/password.  Then check the host sending the bad username/password and it will give you the process ID (application) sending the bad password.

You will have to enable failed account logon events to get this info.  Make sure that you are checking the "Credential Manager" (Windows 7) for stored userID/passwords
http://windows.microsoft.com/is-IS/windows7/What-is-Credential-Manager
0
 
LVL 18

Expert Comment

by:Americom
ID: 38831920
check the event logs of each of your domain controller, there should be event that shows you the machine was locking from. This usually has to do with session left disconnected but still running with old password. Other are service or task configured with old password needs to be updated. Or even mapped drives with old password etc.
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
LVL 18

Expert Comment

by:Americom
ID: 38831941
0
 

Expert Comment

by:RafaZamora
ID: 38833309
Hi
In the event Viewer of the DC filter de security events with the id 644. you find who host is tried to connect with your old credentials.
If you have two or more local Domain Controllers you need to check all of them
Best Regards
0
 

Author Closing Comment

by:frankbustos
ID: 38837176
thanks!
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
A hard and fast method for reducing Active Directory Administrators members.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question