AD locked accounts

Hello Experts,


I've been looking for a utility or script easy to run that allows me to identity the source of AD locked accounts. I have a client that is running into frequent locked accounts issues, and instead of looking at security server logs on each DC, I would like to easy pull out this information and identity the root cause of this issue

Do you know of a easy free tool or PowerShell script that identify the source of locked accounts?


Thanks in advance

Our Env


2 Sites, multiple DCs, GCs, on each site, Exchange 2013 SP1, Blackberry, MDM Good technology, multiple file servers




Windows domain and forest level 2008, DCs version 2008 and 2012 R2
Jerry SeinfieldAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Marwan OsmanCommented:
download the tool in the below link:

https://www.microsoft.com/en-sa/download/details.aspx?id=15201&751be11f-ede8-5a0c-058c-2ee190a24fa6=True

when you use it to search for an account which is locked out, it will return the DC name from where the account is locked, log on to that DC, and since you have DC 2008 and 2012,  filter the event to ID 644 or 4740 or 6279, in this events you will see the PC name which caused the account to be locked out.

for more information refer to the below links:

https://technet.microsoft.com/en-us/library/cc738772(v=ws.10).aspx

https://technet.microsoft.com/en-us/library/cc773155(v=ws.10).aspx
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Paul MacDonaldDirector, Information SystemsCommented:
Nice, [Mar1 O]!
0
Marwan OsmanCommented:
Thank You paulmacd
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Jerry SeinfieldAuthor Commented:
great thank you Mar 1 O
0
Marwan OsmanCommented:
you are very welcome,  I was using this procedure and tool until we deployed the System Center Operations Manager 2012, there is many audit reports in SCOM (ACS feature) which generate the accounts locked out and the computer name which cause the issue in one excel sheet or pdf file.
0
Peter HutchisonSenior Network Systems SpecialistCommented:
We use this powershell script to create a CSV file and export it to  be used on a web page for very quick reference.

https://gallery.technet.microsoft.com/scriptcenter/Monitor-Active-Directory-e78d5a9a
0
Sikhumbuzo NtsadaIT AdministrationCommented:
Hi,

Please see 7 tools from Netwix, it has password examiner that could solve your issues.

Give it a try.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.