Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Account lockout 1

Status
Not open for further replies.
lengoo

lengoo

IS-IT--Management
Jan 15, 2002
381
0
0
GH
Hi all,
I have a weird problem with my account. I reset my password the other day and now, every day... my account gets locked out. I just leave my machine connected to the network throughout the day and every few hours I find that I cannot access email, the file systems on servers because my account has locked out. I have checked the times of the incorrect login and there are times when I've been away from my desk and not actually doing anything.. just wondering if there could be a process running in the background which is trying to do something with the wrong password for my account. I have checked the System Services and there is nothing which is running under my ID.. and the machine which gets the error attempts is always the domain controller (also the main file server).
Any ideas why this sort of thing could happen?
 
Sort by date Sort by votes
Try disconnecting any mapped network drives, make sure you are not logged on to any other machine in the domain and reset your password again.
 
Upvote 0 Downvote
The background service or application sounds right. Is it possible for you to change you password back, and see if the problem is alleviated? If so, then there is definitely something doing exactly as you say. Are you running an Exchange server, or do you have POP3 email? If exchange, did you change your e-mail password as well? If your email application is not open, do you get locked out? Do you get an error when trying to access your email? These are all shots in the dark, but certainly some places to start looking.

e-mail me at ddraper at igalaxy dot net
 
Upvote 0 Downvote
HI guys
I tried disconnecting my network drives but it still seems to be happening! I think it is to do with the Outlook client as it only seems to lock me out after using it for a while.. I have tried resetting my password but still no luck with it. However, the strange thing is that the lockout doesn't occur on the Exchange server but that of the file server. So I am wondering whether my Outlook is trying to access the file system in some way.. is there a way to check this?
Regards
 
Upvote 0 Downvote
Have you any sessions running on terminal services or anything? I remember once I was having a similar problem with my account locking out continuously and it turned out there was a terminal services session that hadnt disconnected properly. Could be something similar here
 
Upvote 0 Downvote
Do you use Home Directories? If your Outlook file is stored on the network in a home directory, this may be where your network share issue comes in... When you say "no luck with it" do you mean you are still getting locked out after reverting, or you have had no luck in changing you password back to what it was before the issue arose? If you walk away from your machine and close the Outlook client when you do so, do you get locked out? Have you tried this approach? Do you get errors when receiving email? If not, then it is likely NOT your Outlook, but something else. Check these out, and get back to us. The TS could be another place to look, also. I know it is difficult to do, especially if you have MANY users, but has your DC been rebooted? This can be a bit extreme, but *IF* you have a TS license hung up, you can clear it this way. If a reboot is out of the question, stop and restart your TS licensing... copy the following into a batch file and run it...

net stop TermServLicensing
sleep 5
net start TermServLicensing

You will need about 10 minutes for it to take affect, but this SOMETIMES works for my network.

I have posted about CiTRiX clients having a similar issue, and so far, my only fix is a *nightly* reboot... a great big PITA! I know it is not always possible (or easy - time can be of the essence) to reboot a DC, but an occasional DC reboot can cure a multitude of sins...

e-mail me at ddraper at igalaxy dot net
 
Upvote 0 Downvote
Have you used your login and pw for any programs like virus software updating or anything like that?
 
Upvote 0 Downvote
I was just on the MS website, and ran across some info regarding licensing. Do you have more than one server in your organization? If so are you running in mixed licensing mode? i.e. are some servers "per seat" and some "per server"? Check this link, and see if anything here makes sense for your particular situation.


You will probably need to copy an paste the whole thing into your browser... You got me scratchin'... Check all of the links on the page... This link is to the main.

e-mail me at ddraper at igalaxy dot net
 
Upvote 0 Downvote
if you have set up any services on any other machine to use your account this will happen. check the security log on the server and see if a machine is trying to log on unsuccesfully.
 
Upvote 0 Downvote
Hi guys
I have no idea what's wrong with it.. I've tried everything and I am still getting account lockouts... the only I haven't tried is rebooting the servers which I'll try and do over a weekend.
I've looked at Services using my account logon.. there were none. Checked Terminal Services and Citrix sessions, none. Tried disconnected the mapped network drives and I still got locked out.
It seems that Outlook is causing the account lockout.. however, the lockouts are happening on the file server rather than the Exchange server which is odd.
I just hope the servers reboots are gonna work..
:p
 
Upvote 0 Downvote
It sounds too much like there is either a service trying to log on as you or another system trying to log on as you.

Remember that only the security system can lock out an account. This happens only when the security policy is being violated by too many tries to log in with the wrong password.

Major point to remember: The security credentuals for an account are only updated is when a new login is done. Therefore, some service out on another system is probably logged in as you, and will retain the credentials until it is rebooted, and it is being blocked from access because you changed your password. The service is still set on the old password, and will continue to try to log on until that password is changed, which kills your account immediately every time it is reset. (NOTE: This is exactly why you should NEVER use your own account for any service to run under, you should always set up a special user account for any service that needs to have an account to run where the password does not expire!)

If you can not find the machine in question I would suggest you delete your domain user account and creat a new account with the same name or a different name. (NOTE: even if your use the SAME username, it is different, and has a different SID as far as the domain is concerned.)

However, before you do this, create a new dummy folder on your local system under documents and go through the exercise to copy your current local domain user profile to that phantom user account. Next, log in as administrator and delete the original local account and then go to the domain and create the new user account. The first time you log onto the local system as the new account it will create a new user account for that new user name. The administrator can then copy the original profile (from the phantom user profile you created) back to your new user account. This will also impact your mail account, and it will have to be redirected also.

Eventually you will find the problem out there on another system that is failing to run some service, etc., and then you will be avble to fix that also (usually when some user complains that he can not use the service anymore).

HTH,

David
 
Upvote 0 Downvote
Hi All,
I have finally solved this.. I rebooted the servers.. I guess there was something on the domain controllers which was causing a problem.
Many thanks for all the efforts and time with this.
:)
 
Upvote 0 Downvote
I have had this probllem quite a few times myself. For me it stemmed from being terminaled into a server or logged in locally on a server then changing my password from another location such as my desktop while still logged on. Logons can remain in effect even though you have closed the session by clicking on the X in the upper right corner of the session box instead of loggin off correctly. The password reset freezes at a half way point which causes lock out periodically. This can be resolved by closing all terminal sessions and ensuring your are logged off from all local logons from all servers. This seems to allow the password reset to finish and all is well. You may have done this without knowing by rebooting all servers thereby closing your terminal sessions the hard way. Glad to hear the problem is now solved.

Jeffery Smith (Smitty)
PEC Solutions Inc.
BS - Computer Application & Networking
A+ Network+ MCSA MCSE
 
Upvote 0 Downvote
Yeh.. it was particularly weird as I thought it was all the stuff mentioned.. rogue service, terminal session and even scoured the firewall logs to see if someone was trying to impersonate my login.. anyway, glad it's sorted now and thanks to everyone for their input. :)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

goombawaho
  • Locked
  • Question
Microsoft Azure Active Directory - Backup Admin Account 1
Replies
2
Views
130
goombawaho
goombawaho
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
145
DrB0b
DrB0b
Kiwica
  • Locked
  • Question
Locked out domain account
Replies
4
Views
55
Kiwica
Kiwica
goombawaho
  • Locked
  • Question
How to open Change user role for user accounts wizard
Replies
2
Views
51
goombawaho
goombawaho
DTGMI
  • Locked
  • Question
Strange 2008 R2 AD login lockouts!
Replies
1
Views
39
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top