Solved

Windows Active Directory Something Locking out Accounts

Posted on 2014-02-26
3
323 Views
Last Modified: 2014-02-27
We have a windows 2008 active directory environment.  Random accounts are getting locked out.  Is there a tool that I can load that will allow me to figure out what is locking out the accounts or is there something that I can turn on in active directory that will allow me to log the device or system that is causing the account lock outs?
0
Comment
Question by:BPSD-IT
3 Comments
 
LVL 20

Accepted Solution

by:
Radhakrishnan Rajayyan earned 500 total points
Comment Utility
0
 
LVL 35

Expert Comment

by:Joseph Daly
Comment Utility
The account lockout tools is always my first go to on this. Once you have them up and running you should be able to get the dates/times/locations of the lock.

To get the most out of the lockout tools you will need to have security auditing turned on on your DCs.

Assuming you have the auditing turned on and the time the account was locked out you can look at the event log for warnings/failures around that time. In the failure audit event you should have an IP, hostname, or some other identifying information as to what i causing the lock.
0
 
LVL 5

Expert Comment

by:Pankaj_401
Comment Utility
There may be many causes for account locked out such as :
•user's account in stored user name and passwords
•user's account tied to persistent mapped drive
•user's account as a service account
•user's account used as an IIS application pool identity
•user's account tied to a scheduled task
•un-suspending a virtual machine after a user's pw as changed
For troubleshooting account lockout randomly, please check this KB article : http://technet.microsoft.com/en-us/library/cc773155(WS.10).aspx
Additionally, you can have check this link also which seems fit in resolving such account lockout issues quickly :http://www.activedirectoryaudit.com/
0

Featured Post

Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

Join & Write a Comment

Suggested Solutions

I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now