Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

account locked out repeatedly

Status
Not open for further replies.
prinand

prinand

MIS
Jun 13, 2000
98
GB
I have one user who had to change his password, but once he picked a new password, his account was locked very soon. I unlocked his account several times, and he did not make any errors, but still his account keeps locking up.

I had a look if he had stored away his password somewhere, but I cannot find it.

as soon as I changed the password back to his old password, his problems were solved.

Any idea, is this a client problem (Win NT workstation) of a server problem NT server ?
 
Sort by date Sort by votes
Is this a local login or a domain login? Does the user have any services or tasks configured to run under his user account? Are you using roaming profiles? If so, did you change the password from the workstation or through User Manager for Domains?
 
Upvote 0 Downvote
this is a domain login. logon is done to a main domain, while being part of a resource domain.
there is nothing special configured on the system, just the regular Office 97/oulook 98 and some other simple programs
but none of those have services.

1st time he changed his password during logon, and the other times i used user manager for domains to enter a new password.
 
Upvote 0 Downvote
is this account used by any service as well ?
You might want to set up extended logon logging :

You can install the Netlogon.dll from the checked build of Service Pack 3 on your PDC to create a log file for all attemps.

After downloading the checked build of service pack 3, extract (SP_Name.exe /x) the Netlogon.dll.
YOu can find this checked build at
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/ussp3/checked/

Navigate to the %SystemRoot%\System32 folder and rename Netlogon.dll to Netlogon.fre.
Copy the checked version of Netlogon.dll to the %SystemRoot%\System32 folder. Edit:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\DBFlag

and change DBFlag to 0x04 to record the logon or to 0x20000004 to record the logon and a time stamp.
(DBFlag : Reg_SZ)

Shutdown and restart the PDC.

Confirm you have a %SystemRoot%\Debug folder that contains a Netlogon.log file.The error codes in the log file are:

Error Code M e a n i n g
0xC0000234 User logon with Account Locked.
0xC000006A User logon with Misspelled or bad Password.
0xC0000072 User logon to account disabled by Administrator.
0xC0000193 User logon with Expired Account.
0xC0000070 User logon from unauthorized workstation.
0xC000006F User logon Outside authorized hours.
0xC0000224 User logon with "Change Password at Next Logon" flagged.
0xC0000071 User logon with Expired Password.
0xC0000064 User logon with Misspelled or Bad User Account.


Only the 0xC0000234 and 0xC000006A entries are important for account lockouts.

I have not failed, I just found 10000 ways that don't work

Peter Van Eeckhoutte
peter.ve@pandora.be

Did this post help ? Click below to let me know ;-)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

goombawaho
  • Locked
  • Question
Microsoft Azure Active Directory - Backup Admin Account 1
Replies
2
Views
334
goombawaho
goombawaho
Mohamed-IT
  • Locked
  • Question
Windows server 2019 password locked
Replies
1
Views
78
strongm
strongm
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
270
DrB0b
DrB0b
Kiwica
  • Locked
  • Question
Locked out domain account
Replies
4
Views
97
Kiwica
Kiwica
goombawaho
  • Locked
  • Question
How to open Change user role for user accounts wizard
Replies
2
Views
84
goombawaho
goombawaho

Part and Inventory Search

Sponsor

Back
Top