Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Active Directory User Password Change Lockout Continuously

Status
Not open for further replies.
almaragni

almaragni

IS-IT--Management
Mar 17, 2005
66
US
Windows Active Directory Password Change Locks Out User
Posted: Jul 25, 2007 1:14 PM
Rating: Not Rated Reply


I have an interesting issue. There are several Windows XP desktop machines along with Windows 2003 Presentation Servers, in one domain. The PS computers have roaming profiles configured.

Users, when prompted at the desktop, change their passwords every 90-days. They then logon to their machines and open published applications.

Web Interface and PS log the users on using the new passwords. However, the users' accounts are then promptly locked out. If the account is unlocked, it is locked out again the next time the user logs onto a PS.

Do you have a helpful clue as to how to correct this?
 
Sort by date Sort by votes
1) download the tools from MS, the EventCombMT is useful for scanning the DC's event logs using the username to find out what pc caused the lockout etc


Generally I've always found this problem to have been caused by a mapped drive being given a username and password.

Jon
 
Upvote 0 Downvote
thanks

however, i have checked all mapped drives and saved logins and scheduled tasks and orphaned logins ... there appear to be none.

i am confident this is related somehow to the citrix setup (we have at least 2 citrix servers) but have not yet found the cause.

if you know of any other area to check, please me know

thanks again
 
Upvote 0 Downvote
have you run the EventCombMT as described earlier, as it will tell you when and where from that a specified account was locked.
 
Upvote 0 Downvote
i downloaded it - but when i tried it, i was unable to determine exactly how to operate it - so when I was looking through the events i really didn't understand the output.
 
Upvote 0 Downvote
run the software, click on 'searches' select 'built in searches', "account lockouts'

In the 'Text' box enter the username that gets locked out, click 'search'

when finished searching open 'file', 'open log directory'

all else fails try looking in the help for 'account lockouts'

the log files will contain the times and IP's of failed attempts to use that username and you can then find out your rouge pc/old password
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SpenceWaller
  • Locked
  • Question
Citrix CSG - Allow users to change password
Replies
0
Views
80
SpenceWaller
SpenceWaller
MartijnNL
  • Locked
  • Question
DCL: Counting number of user processes for a period of time
Replies
1
Views
135
yamyam
yamyam
furnitus
  • Locked
  • Question
ActiveX COM Object
Replies
0
Views
99
furnitus
furnitus
Breezeman
  • Locked
  • Question
Stop users from saving to their user directory on C: of application servers
Replies
3
Views
130
JayIT
JayIT
sodax
  • Locked
  • Question
Citrix Password Manager Problem
Replies
3
Views
81
sodax
sodax

Part and Inventory Search

Sponsor

Back
Top