InSearchOf
asked on
AD lockouts-AdAudit Plus
I have been trying to find the cause of my constant account lockouts. I have already ruled out the common causes, active sync, cached passwords, mapped drives, services running under my account, scheduled tasks, and I cannot seem to find the cause.
We recently purchased AdAudit Plus. When I run it it tells me that the source is one of my Domain controllers with a source IP of 127.0.0.1 and the error is being logged by that controller with a bad password. I cannot find on the server what is running that is causing the issue.
We recently purchased AdAudit Plus. When I run it it tells me that the source is one of my Domain controllers with a source IP of 127.0.0.1 and the error is being logged by that controller with a bad password. I cannot find on the server what is running that is causing the issue.
Is you DNS server misconfigured to use 127.0.0.1?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
In my DNS settings it is listed in the advanced tab but not in the IP4 setting of the NIC,
I have tried the lockout utility but it is not that helpful in pinpointing the source
I have tried the lockout utility but it is not that helpful in pinpointing the source
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
In the IP4 properties of the NIC, the IP address of the server is in the dns settings as the primary. The loopback address is listed in the DNS tab of the advanced TCP/IP settings. There are three entries in that tab and the loopback is listed last.
ASKER
OK I finally found the problem. I had used my ad account to enable DNS dynamic updates registration in the IPV4 DHCP properties. That was on me. I should have created a service account to use.
Very cool that you found it. Thanks for the grade. Good luck.