Solved

Guest Account Lockout

Posted on 2013-06-13
2
887 Views
Last Modified: 2013-06-17
I've been noticing that my guest account on my domain controller is randomly getting locked out.  The odd thing is, this account is disabled, how would a account get locked out if its disabled already?  I normally would never notice these events, but my monitoring software emails on account lockouts.  I'm just trying to get to the bottom of the cause and too see if I should just igonore them.  It happens randomly from different workstations.  I also have a gpo setup to disable the local guest account at logon on each workstation.  Anyone else run into this issue?
0
Comment
Question by:PSGITech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 26

Accepted Solution

by:
pony10us earned 500 total points
ID: 39244774
"The odd thing is, this account is disabled, how would a account get locked out if its disabled already?"

Disable and lock out are two separate functions.  Even though the account is disabled it still will look at attempts to sign in and if it matchs the number of failures set to lockout then it will lock out the account.

It is recommended that you change the name of the guest account as well as disable it. It may be that one or more individuals (" It happens randomly from different workstations") may be attempting to access the system.

As long as the account is disabled it is not a big threat however it is always best to know what/who is attempting to access your system.  I would look at the workstations that are the cause and see if anything shows up in their event viewer that may indicate what they are attempting to do.
0
 

Expert Comment

by:daisythecat
ID: 39245198
If workstations arent configured properly, or if they use a home version of windows rather than pro or enterprise they can try to access the guest account when attempting to access a domain or workgroup
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question