Xetroximyn
asked on
how can I tell why a user account keeps getting locked out?
I have a user account that keeps getting locked out within a minute or so.... I think there is some saved password somewhere maybe or something.... is there a way I can tell on the DC from where the bad login attempts are coming? Like what IP address?
Look in Control Panel, Credential Manager on the machine for an extra account. Delete the account anyway in Credential Manager, shut down, start up, log in and test.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It could also be someone trying to hack into your system via RDP. Have a look at Event Viewer on your server to see if there are failed Remote Access attempts.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
As already mentioned use the account lockout tool to find out where it is being locked out and check the event log. i bet they have drive mapping somewhere using their logon details.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.