Improve company productivity with a Business Account.Sign Up

x
?
Solved

Azure domain controller issue

Posted on 2016-08-29
4
Medium Priority
?
98 Views
Last Modified: 2016-09-08
Hi Experts

I have a customer who his admin account is being locked from AD very random. After checking all security logs, more specifically for 4740 events, we can identify the source of the locked accounts appears to be a domain controller in Azure. My client has a hybrid AD-Azure and Office 365- Exchange 2010.



Any ideas on why the 4740 event is logged in a DC in Azure? My client has closed all RDP sessions from the domain, and even the dc in Azure, but his admin account keeps being locked very random, and the source of the locked account is the 2 DCs in Azure



Any ideas on how to resolve this issue?



Please, provide instructions step by step to resolve the issues, and an explanation on why the DC in Azure seems to be the source of the locked account?
0
Comment
Question by:Jerry Seinfield
  • 2
  • 2
4 Comments
 
LVL 6

Accepted Solution

by:
Ganesamoorthy S earned 2000 total points
ID: 41775080
enable netlogon logs on source Domain Controller in Azure to locate the affending IP

http://www.windowstricks.in/2016/06/account-lockout-caller-computer-name-blank-cisco-workstation-domain-controller.html
0
 

Author Comment

by:Jerry Seinfield
ID: 41775104
is this applicable for Windows server 2012 R2 domain controllers in Azure and on Premises?
0
 
LVL 6

Expert Comment

by:Ganesamoorthy S
ID: 41775198
Yes, it's applicable for Domain controllers in in Azure and on Premises
0
 

Author Comment

by:Jerry Seinfield
ID: 41790189
All good
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Sometimes it necessary to set special permissions on user objects.  For instance when using a Blackberry server, the SendAs permission needs to be set. I see many admins struggle with the setting that permission only to see it disappear within a few…
Native ability to set a user account password via AD GPO was removed because the passwords can be easily decrypted by any authenticated user in the domain. Microsoft recommends LAPS as a replacement and I have written an article that does something …
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question