Avatar of A A
 asked on

Identify cause of locked account several times during day and restrict username to be entered only on user computer so not to lock other accounts

Hello Experts
I have a user that is always locked out  whether on vpn or in network as a i have to unlock the user several times during the day as I would like to know the following
1-How can I restrict username to be entered on specific computer ( owner of computer) so if another user has know the username standard  and tried with other username and Wrong password the account will not locked that affect other user
2- How  can I know the main reason for locking account and from which computer
* LockingNetworking* User accountsVPN

Avatar of undefined
Last Comment
Adam Leinss

8/22/2022 - Mon
Adam Leinss

View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Kent W

I've also had users running local services with their user / pass, which has to be changed once that pass is updated.
The service itself can cause the lockout trying to authenticate if not updated with the new credentials.
Just in case... :)

Need more info and comments from all experts
1-How can I know the computer details that use the locked account as ip address may be public
2-How can I restrict each user to enter username on his computer so if the user tried to enter his collegue user id which is standard and all employees know so with three time wrong password this will not affect his colleague so the owner only who has to try his username and password and if wrong user lock his account.
imagine employee  has username syntax  first.last and he logged out and signed  with his friend first.last and wrong password so at that time each user can lock his colleague account.
Adam Leinss

If the IP address is public, you aren't going to know the computer name, as it's probably giving you the IP address of their ISP, not their computer.

Did you check the solutions I gave above?
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
Kent W

You could also look at the suspected users computers event log for clues.

On your #2 question, if you go to the user in AD users and computers, right click > properties, Account tab, look for "Log On To..." button.
You can list the computers the user is allowed to logon to.

Is there other comments for the same question please ?..
Adam Leinss

This site works best when there is a back and forth between the questioner and experts.  You haven't addressed any of the solutions posted, therefore I am no longer monitoring this question.
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.