Link to home
Start Free TrialLog in
Avatar of James Fry
James Fry

asked on

Active Directory Account getting mysteriously locked

Greetings fellow EE'ers.

I'm stumped.  I currently work in an office other than where our Exchange Server is hosted.  I have Outlook set up on 2 computers (one of which is shut down most of the time), my Galaxy S6 Android Phone, and OWA from my house if my work laptop with Outlook isn't with me.  Over the last couple months, OWA credentials authentication has been fairly flaky.  Over the last 4 days, I have been connecting to Exchange by one of 3 ways.

My work laptop which usually has Outlook open constantly.
My Android Phone
OWA from Home.

THe behavior that I'm seeing is that my AD account is getting locked.  But here's the really weird part, usually ONE of the aforemementioned Exchange connected devices still works fine.  A coupel days ago, only my phone would work and the other 2 methods would deny credentials, another time, it was just my main computer with Outlook, and the phone and OWA were a no go.  I get the account unlocked by our AD administrator, and a few hours later it's locked again.

Any ideas?

Thanks in advance!

Jamie
Avatar of Alex
Alex
Flag of United Kingdom of Great Britain and Northern Ireland image

Clear the cached credentials on both machines :-p
Alternatively, download LO tools and then run EventCombMT

Regards

Alex
Avatar of James Fry
James Fry

ASKER

Ok I'll bite...what's LO Tools?
LOTools is lockout tools provided by Microsoft for this exact reason.

Are you not in IT, if not that's fine i'll just explain things better in future.

Also if you're not in IT, you won't have the rights to connect to the domain controller in order to pull the logs which you filter down and get the info I.E your account lockout source, and then find that machine.
I am in IT, but I'm the network/wireless guys.  We have an internal IT team that keeps permissions to a minimum, which they should ( we are a larger company) so I'm just trying to help them...it's been going on for 3 months.  Thanks for your insight Alex, we'll give that a shot.
That's ok mate,

that will give you all the security failures against your account which will tell you the source domain controller it's locked out on. Once you have done that with a little more investigation you'll be able to find out what client is making the request... The application does most of it.

If your AD "Specialist" hasn't thought of this and I'm the first person to recommend it, be concerned.

Lastly, this program connects to every single domain controller and pulls down the logs and then Parses them for information, this can take quite a long time depending on how big the AD structure is and how many domain controllers\users\logs you have.

Any issues, give me a shout :-)
ASKER CERTIFIED SOLUTION
Avatar of Ajit Singh
Ajit Singh
Flag of India image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Is there any update?
Is there any update. Do you need further assistance.
Do not agree. My answer is valid too