Solved

Account Lockout

Posted on 2014-04-04
12
32 Views
Last Modified: 2016-06-03
I have random users at random time that are getting lockout. I used TechNet tool "LockOutStatus" to figure out that the originating lockout DC is in one particular site. That site has our exchange server. I am thinking that a device like an tablet or phone is locking the device.

I used OWA to remove any uknown device from there account. The problem is still happening.

Is there a way to find out what computer or device is locking the AD account?
0
Comment
Question by:eMarketer75
12 Comments
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39978567
I don't know about finding the device, but turn off ActiveSync for all users in Exchange and then see if these accounts get locked out again.  If they don't, then your suspicion is true.
0
 
LVL 10

Expert Comment

by:tmoore1962
ID: 39978580
Probably a device is attempting to connect to their owa account and failing.
Trying following instructions in this article to log exchange log in failures.
http://technet.microsoft.com/en-us/magazine/ff381463.aspx.
0
 

Author Comment

by:eMarketer75
ID: 39978592
I can't disable ActiveSync at the moment.
0
 

Author Comment

by:eMarketer75
ID: 39978598
I will try to enable auditing on the exchange servers.  Thank you guys for the suggestions.
0
 
LVL 12

Expert Comment

by:Md. Mojahid
ID: 39979877
Have you implement any GPO in your organization.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Expert Comment

by:CodnameBlack
ID: 39980221
Yes, it is likely a device that is locking the account out.  I would remove all devices for the users active sync, and have them re add the account.
0
 

Author Comment

by:eMarketer75
ID: 39984375
@Md, Mojahid

Not in a few months.
0
 

Author Comment

by:eMarketer75
ID: 39984380
I look the security logs on out DCS for even 4740 and found that the account was getting lock by a web server. I'm not sure why, but we are looking into it.
0
 

Author Comment

by:eMarketer75
ID: 39984387
Also we are having the same problems with another domain. its part of a different forest. Can AD replication cause this?
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39984455
Should have if it's in a different domain, even in the same Forest.
0
 

Accepted Solution

by:
eMarketer75 earned 0 total points
ID: 40004406
I found out what was the problem. It seems that my problem has been related to different things. Such as users logging in our internal sites with wrong passwords, users that have Mail (mac) configured and never changed the client with the new password and administrators logging into servers and never logging out.

To fix the problem with administrators I set a gp to kill any session that have been disconnected for longer than an hour.

I also configured a task to run on all my DCs that will alert me when a users gets lockout. That help me identify the problem. The link is bellow for anyone else that has this problem.

http://www.gavinwill.me.uk/2012/08/automatic-notification-for-active-directory-account-lockouts/
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now