Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Active Directory locks account

Status
Not open for further replies.
jumpmaster82

jumpmaster82

IS-IT--Management
Sep 7, 2003
13
US
I have only one user effected by this, but as luck would have it, it is a "C" level. He will log in fine. Log out a little later, then when logging back in, gets "account locked out".

I have done this myself on his account (different PC), and it happens to me, so entering incorrect PW is not the problem (as I initially thought).

The AD locks the account after about 5 minutes of activity.

Any Ideas?

Thanks

DJ
 
Sort by date Sort by votes
Hi DJ,
I dont have a solution for you,
But I am experiencing the same issue,
I have several calls out to various resources, if you should find a solution please share with me,
I will do the same,
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
My user account locks out within a few minutes of
unlocking. This began happening once I changed my AD
password.
I am running in a mix mode(have domain PDC's and BDC's)
and also have Active Directory DC's, The user accounts in
the domain and Active Directory are NOT the same.
Event veiwers on the DC's provide little information as to
where I may have been logged on, or which server locked me
out.
Are there any tools or utilities that can help
troubleshoot this problem?

One possibility is that I am running a service using the
credentials of the previous AD user account and password
from before I changed my password.
Thanks
.

 
Upvote 0 Downvote
Does the profile get unloaded correctly. I've seen this happen when the profile fails to unload because a process it still running such as a database network client processing a compoud query. If it logs in and out and the account is logged out then it "may" cause the account to become locked.

I suspect some trojan "scripts" might behave like this also.

When I saw this it I also had errors in the Event Log saying that the profile could not be unloaded because it was still in use.

Sometimes ( I would bet ) it could be caused by a faulting program. Check for this on logout too.
 
Upvote 0 Downvote
When was the last time the user reset his password?

From a command prompt:

net user %username% /domain

If his password was set recently, I would look to see if this user has any other resources that he has mapped himself to manually. If this is the case, you need to disconnect from those resources manually. Also, make sure to ask if he has logged in anywhere else on the network recently and either mapped resources himself from that location, or if he still may be logged in elsewhere on the network.
 
Upvote 0 Downvote
That is a good point - I don't think it works. Resources in the domain or it's trust wouldn't act like this. Of cource there could be a "big" in the software.

;)

 
Upvote 0 Downvote
modified fix...
I got lucky and the user was fine with changing logon from flastname to firstL (first name/last name combo) and it worked out. I don't really have enough time to finsd the root cause, just needed to get it fixed.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

goombawaho
  • Locked
  • Question
Microsoft Azure Active Directory - Backup Admin Account 1
Replies
2
Views
316
goombawaho
goombawaho
julis2103
  • Locked
  • Question
Active Directory
Replies
0
Views
84
julis2103
julis2103
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
264
DrB0b
DrB0b
geneg28
  • Locked
  • Question
Active Directory and Linux Servers
Replies
0
Views
80
geneg28
geneg28
axilleas
  • Locked
  • Question
Windows 2012 R2 Active directory problem after applying GPO
Replies
7
Views
144
technome
technome

Part and Inventory Search

Sponsor

Back
Top