Solved

Windows Active Directory Something Locking out Accounts

Posted on 2014-02-26
3
332 Views
Last Modified: 2014-02-27
We have a windows 2008 active directory environment.  Random accounts are getting locked out.  Is there a tool that I can load that will allow me to figure out what is locking out the accounts or is there something that I can turn on in active directory that will allow me to log the device or system that is causing the account lock outs?
0
Comment
Question by:BPSD-IT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 21

Accepted Solution

by:
Radhakrishnan R earned 500 total points
ID: 39888727
0
 
LVL 35

Expert Comment

by:Joseph Daly
ID: 39888812
The account lockout tools is always my first go to on this. Once you have them up and running you should be able to get the dates/times/locations of the lock.

To get the most out of the lockout tools you will need to have security auditing turned on on your DCs.

Assuming you have the auditing turned on and the time the account was locked out you can look at the event log for warnings/failures around that time. In the failure audit event you should have an IP, hostname, or some other identifying information as to what i causing the lock.
0
 
LVL 5

Expert Comment

by:Pankaj_401
ID: 39891120
There may be many causes for account locked out such as :
•user's account in stored user name and passwords
•user's account tied to persistent mapped drive
•user's account as a service account
•user's account used as an IIS application pool identity
•user's account tied to a scheduled task
•un-suspending a virtual machine after a user's pw as changed
For troubleshooting account lockout randomly, please check this KB article : http://technet.microsoft.com/en-us/library/cc773155(WS.10).aspx
Additionally, you can have check this link also which seems fit in resolving such account lockout issues quickly :http://www.activedirectoryaudit.com/
0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A safe way to clean winsxs folder from your windows server 2008 R2 editions
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question