We are having a recurring problem with our policies that we are wondering if there is a way, a tool or a piece of software that can help us out.
Win 2008 Server running our network. We have a password policy that requires pw changes every 30 days.
The problem we have is on a few accounts, as soon as they change their policy, they are getting locked out every 30 minutes or so because of failed login attempts. We know the failed login attempts is from remote connection that was set up with the old password. The problem is, we always have a hard time find where.
Is there a simple way to detect where the failed logins are coming from?
Thanks so much,