Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 41
  • Last Modified:

Domain Admin keeps getting locked out

My assistant has been messing with security and has made a mess of a few things.   The biggest problem his is account keeps getting locked out.  He is a Domain Admin.

This has been happening for a few weeks.  
He is positive he is not typing his password incorrectly.

What could be causing this?   HELP!
0
J.R. Sitman
Asked:
J.R. Sitman
  • 7
  • 3
1 Solution
 
serialbandCommented:
Did he change his password while he had a connection open somewhere?  Did he leave himself logged into a system and forget to log out of everything (every single system) before he attempted to change his password?  Did he schedule some task and used his account and password and left the task running without changing the password?

Those are probably the first things to check.  Next check the Event logs for every password authentication related to his account and see which ones are failing.  That might narrow it down.
0
 
Mike ParksDirector of Information TechnologyCommented:
His account is in use somewhere and trying to talk to the domain with an old password.  Make sure that he is logged off all computers. Sometimes a person will "Switch Users" on a Windows computer and leave their old session running. Therefore, reboot all computers he has logged into recently.

If he has Exchange on his mobile and he has changed his password recently, he needs to remember to change the password on the phone, too.  Same goes for company wifi - if the wifi controller is tied into Active Directory, then he needs to change the password on the wifi connection.  Both these will cause lockouts if the password isn't changed.
0
 
J.R. SitmanAuthor Commented:
I've just become extremely concerned.  When checking the security logs on one of our Citrix servers, there are a very large number of failed attempts.  
Do I need to be concerned or is this typical?

audit failures
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
serialbandCommented:
If that's your assistant's account an a computer you know, then that explains the lockout.

If it's not, and it's a random account and your getting numerous random account failures, then you have some script kiddie attack or someone on your network got a virus.  Go find that and fix it.
0
 
J.R. SitmanAuthor Commented:
I seriously doubt if it's a virus. But I'll look into the other
0
 
J.R. SitmanAuthor Commented:
there are many of those all random names they're definitely not my assistant
0
 
serialbandCommented:
Is that a computer name you recognize?
0
 
J.R. SitmanAuthor Commented:
yes, it is one of our Citrix servers.   I don't know how to stop it.  Can you advice, please.
0
 
J.R. SitmanAuthor Commented:
I just noticed the Windows Firewall is turned on.   On the other Citrix server we have it is turned off and it is not getting any attacks.

NOTE:  The server that is getting attacks is a Hyper-V VM.
0
 
J.R. SitmanAuthor Commented:
I had to disable his account and create a new one.  I have no idea what he did, but it messed up his account.
0
 
J.R. SitmanAuthor Commented:
no actual solution found.  I had to disable my assistants account
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 7
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now