• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 96
  • Last Modified:

Windows account getting locked out frequently

Dear All,

We are experiencing frequent account lock outs for a user and would appreciate some suggestions to find the root cause.

The user accessed the said account through VPN, where he was prompted for a Password change.
After this, the account has been continuously locked out, several times a day.

We tried using a tool called Netwrix, which spotted the account cache on the proxy to be the cause. But even after clearing the cache, the same result. Appreciate any inputs on this.

We checked, the user is not accessing his account from any mobile device
We also tried updating Microsoft updates

Regards,
T
0
TiazfaD
Asked:
TiazfaD
1 Solution
 
John TsioumprisSoftware & Systems EngineerCommented:
Are you 100% sure about his mobile devices...also what about virus/malware threat
0
 
Dr. KlahnPrincipal Software EngineerCommented:
Sounds like the VPN was not secure and his login credentials were captured by a hostile.  Would it be satisfactory to issue the user a new login, move his files, and delete the old login?
0
 
Ajit SinghCommented:
Here are the steps to troubleshoot the AD account lockout issue occurring numerous time a day. It will cover to trace the bad computer name from where account is locking out and steps to clear the cache: http://yourcomputer.in/windows-ad-account-lockout-numerous-time-a-day/

Also type Credential manager in the start menu and see if anything in there is saving your password to use.

Also have a look at the Account Lockout and Management Tools that is available from Microsoft. Specifically, LockoutStatus.exe and EventCombMT.exe. By using this you should be able to narrow it down quite a bit to make it easier to see.

Here are a couple more articles that might help:

Identify the source of Account Lockouts in Active Directory:
https://community.spiceworks.com/how_to/128213-identify-the-source-of-account-lockouts-in-active-directory

Troubleshooting account lockout the PSS way:
https://blogs.technet.microsoft.com/instan/2009/09/01/troubleshooting-account-lockout-the-pss-way/
2
 
Thomas Zucker-ScharffSystems AnalystCommented:
Also try account lockout tool from Netwrix  (free). Includes a fill you can put on said machine to capture the event.
2
 
Thomas Zucker-ScharffSystems AnalystCommented:
Kevin seems to have the best solution and an extensive thought out post.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now