• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1197
  • Last Modified:

Guest Account Lockout

I've been noticing that my guest account on my domain controller is randomly getting locked out.  The odd thing is, this account is disabled, how would a account get locked out if its disabled already?  I normally would never notice these events, but my monitoring software emails on account lockouts.  I'm just trying to get to the bottom of the cause and too see if I should just igonore them.  It happens randomly from different workstations.  I also have a gpo setup to disable the local guest account at logon on each workstation.  Anyone else run into this issue?
1 Solution
"The odd thing is, this account is disabled, how would a account get locked out if its disabled already?"

Disable and lock out are two separate functions.  Even though the account is disabled it still will look at attempts to sign in and if it matchs the number of failures set to lockout then it will lock out the account.

It is recommended that you change the name of the guest account as well as disable it. It may be that one or more individuals (" It happens randomly from different workstations") may be attempting to access the system.

As long as the account is disabled it is not a big threat however it is always best to know what/who is attempting to access your system.  I would look at the workstations that are the cause and see if anything shows up in their event viewer that may indicate what they are attempting to do.
If workstations arent configured properly, or if they use a home version of windows rather than pro or enterprise they can try to access the guest account when attempting to access a domain or workgroup
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now