Solved

Account Lockout

Posted on 2014-04-04
12
34 Views
Last Modified: 2016-06-03
I have random users at random time that are getting lockout. I used TechNet tool "LockOutStatus" to figure out that the originating lockout DC is in one particular site. That site has our exchange server. I am thinking that a device like an tablet or phone is locking the device.

I used OWA to remove any uknown device from there account. The problem is still happening.

Is there a way to find out what computer or device is locking the AD account?
0
Comment
Question by:eMarketer75
12 Comments
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39978567
I don't know about finding the device, but turn off ActiveSync for all users in Exchange and then see if these accounts get locked out again.  If they don't, then your suspicion is true.
0
 
LVL 10

Expert Comment

by:tmoore1962
ID: 39978580
Probably a device is attempting to connect to their owa account and failing.
Trying following instructions in this article to log exchange log in failures.
http://technet.microsoft.com/en-us/magazine/ff381463.aspx.
0
 

Author Comment

by:eMarketer75
ID: 39978592
I can't disable ActiveSync at the moment.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:eMarketer75
ID: 39978598
I will try to enable auditing on the exchange servers.  Thank you guys for the suggestions.
0
 
LVL 12

Expert Comment

by:Md. Mojahid
ID: 39979877
Have you implement any GPO in your organization.
0
 

Expert Comment

by:CodnameBlack
ID: 39980221
Yes, it is likely a device that is locking the account out.  I would remove all devices for the users active sync, and have them re add the account.
0
 

Author Comment

by:eMarketer75
ID: 39984375
@Md, Mojahid

Not in a few months.
0
 

Author Comment

by:eMarketer75
ID: 39984380
I look the security logs on out DCS for even 4740 and found that the account was getting lock by a web server. I'm not sure why, but we are looking into it.
0
 

Author Comment

by:eMarketer75
ID: 39984387
Also we are having the same problems with another domain. its part of a different forest. Can AD replication cause this?
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39984455
Should have if it's in a different domain, even in the same Forest.
0
 

Accepted Solution

by:
eMarketer75 earned 0 total points
ID: 40004406
I found out what was the problem. It seems that my problem has been related to different things. Such as users logging in our internal sites with wrong passwords, users that have Mail (mac) configured and never changed the client with the new password and administrators logging into servers and never logging out.

To fix the problem with administrators I set a gp to kill any session that have been disconnected for longer than an hour.

I also configured a task to run on all my DCs that will alert me when a users gets lockout. That help me identify the problem. The link is bellow for anyone else that has this problem.

http://www.gavinwill.me.uk/2012/08/automatic-notification-for-active-directory-account-lockouts/
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This video discusses moving either the default database or any database to a new volume.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question