Solved

Account Lockout

Posted on 2014-04-04
12
35 Views
Last Modified: 2016-06-03
I have random users at random time that are getting lockout. I used TechNet tool "LockOutStatus" to figure out that the originating lockout DC is in one particular site. That site has our exchange server. I am thinking that a device like an tablet or phone is locking the device.

I used OWA to remove any uknown device from there account. The problem is still happening.

Is there a way to find out what computer or device is locking the AD account?
0
Comment
Question by:eMarketer75
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39978567
I don't know about finding the device, but turn off ActiveSync for all users in Exchange and then see if these accounts get locked out again.  If they don't, then your suspicion is true.
0
 
LVL 10

Expert Comment

by:tmoore1962
ID: 39978580
Probably a device is attempting to connect to their owa account and failing.
Trying following instructions in this article to log exchange log in failures.
http://technet.microsoft.com/en-us/magazine/ff381463.aspx.
0
 

Author Comment

by:eMarketer75
ID: 39978592
I can't disable ActiveSync at the moment.
0
SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

 

Author Comment

by:eMarketer75
ID: 39978598
I will try to enable auditing on the exchange servers.  Thank you guys for the suggestions.
0
 
LVL 12

Expert Comment

by:Md. Mojahid
ID: 39979877
Have you implement any GPO in your organization.
0
 

Expert Comment

by:CodnameBlack
ID: 39980221
Yes, it is likely a device that is locking the account out.  I would remove all devices for the users active sync, and have them re add the account.
0
 

Author Comment

by:eMarketer75
ID: 39984375
@Md, Mojahid

Not in a few months.
0
 

Author Comment

by:eMarketer75
ID: 39984380
I look the security logs on out DCS for even 4740 and found that the account was getting lock by a web server. I'm not sure why, but we are looking into it.
0
 

Author Comment

by:eMarketer75
ID: 39984387
Also we are having the same problems with another domain. its part of a different forest. Can AD replication cause this?
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39984455
Should have if it's in a different domain, even in the same Forest.
0
 

Accepted Solution

by:
eMarketer75 earned 0 total points
ID: 40004406
I found out what was the problem. It seems that my problem has been related to different things. Such as users logging in our internal sites with wrong passwords, users that have Mail (mac) configured and never changed the client with the new password and administrators logging into servers and never logging out.

To fix the problem with administrators I set a gp to kill any session that have been disconnected for longer than an hour.

I also configured a task to run on all my DCs that will alert me when a users gets lockout. That help me identify the problem. The link is bellow for anyone else that has this problem.

http://www.gavinwill.me.uk/2012/08/automatic-notification-for-active-directory-account-lockouts/
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question