?
Solved

Windows account getting locked out frequently

Posted on 2016-09-26
5
Medium Priority
?
61 Views
Last Modified: 2016-10-15
Dear All,

We are experiencing frequent account lock outs for a user and would appreciate some suggestions to find the root cause.

The user accessed the said account through VPN, where he was prompted for a Password change.
After this, the account has been continuously locked out, several times a day.

We tried using a tool called Netwrix, which spotted the account cache on the proxy to be the cause. But even after clearing the cache, the same result. Appreciate any inputs on this.

We checked, the user is not accessing his account from any mobile device
We also tried updating Microsoft updates

Regards,
T
0
Comment
Question by:TiazfaD
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 18

Expert Comment

by:John Tsioumpris
ID: 41815801
Are you 100% sure about his mobile devices...also what about virus/malware threat
0
 
LVL 28

Expert Comment

by:Dr. Klahn
ID: 41815810
Sounds like the VPN was not secure and his login credentials were captured by a hostile.  Would it be satisfactory to issue the user a new login, move his files, and delete the old login?
0
 
LVL 14

Accepted Solution

by:
Ajit Singh earned 2000 total points (awarded by participants)
ID: 41815813
Here are the steps to troubleshoot the AD account lockout issue occurring numerous time a day. It will cover to trace the bad computer name from where account is locking out and steps to clear the cache: http://yourcomputer.in/windows-ad-account-lockout-numerous-time-a-day/

Also type Credential manager in the start menu and see if anything in there is saving your password to use.

Also have a look at the Account Lockout and Management Tools that is available from Microsoft. Specifically, LockoutStatus.exe and EventCombMT.exe. By using this you should be able to narrow it down quite a bit to make it easier to see.

Here are a couple more articles that might help:

Identify the source of Account Lockouts in Active Directory:
https://community.spiceworks.com/how_to/128213-identify-the-source-of-account-lockouts-in-active-directory

Troubleshooting account lockout the PSS way:
https://blogs.technet.microsoft.com/instan/2009/09/01/troubleshooting-account-lockout-the-pss-way/
2
 
LVL 29

Expert Comment

by:Thomas Zucker-Scharff
ID: 41815858
Also try account lockout tool from Netwrix  (free). Includes a fill you can put on said machine to capture the event.
2
 
LVL 29

Expert Comment

by:Thomas Zucker-Scharff
ID: 41844851
Kevin seems to have the best solution and an extensive thought out post.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question