Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 339
  • Last Modified:

GP Account Lockout, strange behaviour

Hi all
I've enabled, on my domain (win srv 2008), the Account Lockout Policy.
I have a problem with only 1 user (in total they are 80, more or less).
He finds randomly his account locked, but he does not use a wrong password (at least, not 10 times as GP!). It happens 2-3 times every month.

In event viewer I cannot find anything regarding these locks

He uses:
- pc with Windows 7
- mac with parallels for a Windows 7 machine
- iPad
- iPhone

Any ideas?
Thx
0
ServiceAdvisory
Asked:
ServiceAdvisory
  • 5
  • 3
1 Solution
 
Alex Green3rd Line Server SupportCommented:
Go here

http://www.microsoft.com/en-gb/download/details.aspx?id=18465

Download the lockout tools, it will scan your domain controllers and you should be able to find where the account is locking out. Go to said computer and you'll probably find something like a scheduled task or the account logged on with an old password.
0
 
ServiceAdvisoryAuthor Commented:
nice tool, but from there I can see on which DC is locked (when he is): or I am using it in the wrong way?

I read that I should look for an event id 4740, but I cannot find it anywhere.
0
 
Alex Green3rd Line Server SupportCommented:
If you open eventcombMT and then at the top click searches, built in searches, account lock outs :D
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
ServiceAdvisoryAuthor Commented:
ok, good
but no results here

Total events searched: 540396
Total matches found: 0
0
 
Alex Green3rd Line Server SupportCommented:
:-(

Not sure then, it could be that he's actually just locking out his account by accident and doesn't want to admit it... :S

The other thing I would check is your current Security log size, if it's not large enough it'll only keep data for the day rather than historical data, you may need to change that so you have the logs to scan in the first place.

Regards

Alex
0
 
Joseph MoodyBlogger and wearer of all hats.Commented:
What is your account lockout threshold? Microsoft suggests keeping it at 10.
0
 
ServiceAdvisoryAuthor Commented:
Yes, the value is 10
Any other idea?
0
 
ServiceAdvisoryAuthor Commented:
no solution atm
any idea, or I can close?
0
 
ServiceAdvisoryAuthor Commented:
no solution provided
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now