Windows Active Directory Something Locking out Accounts

We have a windows 2008 active directory environment.  Random accounts are getting locked out.  Is there a tool that I can load that will allow me to figure out what is locking out the accounts or is there something that I can turn on in active directory that will allow me to log the device or system that is causing the account lock outs?
BPSD-ITAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Radhakrishnan RSenior Technical LeadCommented:
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Joseph DalyCommented:
The account lockout tools is always my first go to on this. Once you have them up and running you should be able to get the dates/times/locations of the lock.

To get the most out of the lockout tools you will need to have security auditing turned on on your DCs.

Assuming you have the auditing turned on and the time the account was locked out you can look at the event log for warnings/failures around that time. In the failure audit event you should have an IP, hostname, or some other identifying information as to what i causing the lock.
0
Pankaj_401Commented:
There may be many causes for account locked out such as :
•user's account in stored user name and passwords
•user's account tied to persistent mapped drive
•user's account as a service account
•user's account used as an IIS application pool identity
•user's account tied to a scheduled task
•un-suspending a virtual machine after a user's pw as changed
For troubleshooting account lockout randomly, please check this KB article : http://technet.microsoft.com/en-us/library/cc773155(WS.10).aspx
Additionally, you can have check this link also which seems fit in resolving such account lockout issues quickly :http://www.activedirectoryaudit.com/
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.