Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Domain users Accounts Locked

Status
Not open for further replies.

dineshparikh

Technical User
Aug 28, 2002
53
GB
Hi all,

From last seven or eight days my domain user accounts start getting locked now and then.Only thing i have changed in policy is i set Account locked out after 3 bad logon, earlir it was blank.

And after that some of my domain users says though they are logging for the first time for the day and they found their account locked.I am just wondering what could be wrong?

My Account policy setting are as below

· Maximum Password Age set to 30 Days
· Minimum Password Length set to 6 Characters
· Account Lockout after 3 bad logon attempts.
· Reset Count After 21600 minutes
· Minimum Password Age Changes in 1 days.
· Password Uniqueness should be set to 12
· Lockout Duration set Forever (until Admin unlocks).

I am running login scripts for drive mapping.

Rgds,
Dinesh

 
short of identifying a specific conflict between client/server os, I suggest setting your lockout to 5 bad attempts. Anyone can mess up a good password 3 times without realizing their caplock is on, or their hands are out of position. The point of having the lockout turned on is to stop password hacking. If a hacker guesses a password in less than 5 tries, it wasn't a strong password to begin with. We use min 5 character, alpha/non-alpha, upper/lower case. The only time we had this problem, it turned out the user thought having the caplock on would make it easier since the 1st set of characters required holding down the shift key. It is possible that this was discussed on within the last couple of months.

Good Luck!
Thadd
 
Arrgh! I've even disabled account lockout entirely, but still get users calling every day. They suddenly can't access a mapped network drive. I'm using the checked build of netlogon.dll, which logs much more than Event Viewer. It shows lots of 0xC000006A messages (invalid password) - while the user is logged in / working normally. Then, all of a sudden, they can't access the network drive. But UM4D doesn't show them as locked out (not since I disabled account lockout).

So I tell them to log out and back in again: then they are fine. For awhile...

What's going on here?
 
Is your NIC driver updated for the people getting locked out? And is it set for that lovely default setting (makes real sense on a network) to 'Allow the computer to shut down this device to save power'? the outdated NIC drivers causing this lockout problem is a known issue; as to losing connectivity... clear the box in the power management tab of the properties for the NIC to allow the computer to shut down this device...
 
It's not a NIC issue - the connectivity to the mainframe never drops out, and Internet access is fine. It's a domain authentication problem.
 
I have recently started getting the same problem.
Mid session lockouts. Windows 98 users. NT domain. The on;ly cange I can think is significant is we have recently added several Win 2000 file and print servers.
Any news on this?
 
I'm having the same problem reported above. McAfee is set on workstations to use the local system account, not a user account. The problem happens once every couple of weeks, and then happens to multiple users. I've scanned for viruses as mentioned above, but none of this has yielded anything.

Any other suggestions?
 
I'm having the same problem.Did any of you guys manage to solve this problem?Dineshparikh do you still have this problem?
 
My experience on this issue is:

1) Make sure any static mapped drives that the user may have created are disconnected.
2) Make sure no other machine with the affected username/account is logged onto the domain.
3) Reset/unlock account.
4) Remap drives and restart other machines the user uses.

This has worked for several accounts on our network but since we do not have a clear answer from Microsoft on mixed environments, plus my organization is only using SP2 for w2k, I am not sure if this is the correct fix. It has worked fom me though.
 
I've recently added a 2000 member server to an existing NT4 domain and having similar problems. In most cases the user was logged into the domain, and after a period of inactivity is locked out.

I feel pretty confident about the new firewall I recently installed, so I don't believe outside users is an issue.

Details:
NT4 Domain
Single NT4 PDC (will upgrade to AD-mixed mode soon)
2000 member server, file server where users are currently mapping drives to via login scripts
 
We had the same problem and fixed it by
1. On Microsofts' recommendatoin increasing domain lockout policy to 3 bad atttempts to 10
2. Increasing session timeout value on the local policy of the Windows 2000 file server we had introduced.
3. Thoroughly checking out DNS and WINs as slow name resolution seemed to be having an effect too.

We went from upwards of 40 lockouts a day to fewer than 3
 
I am having this same problem. All Windows 2000 servers and all Windows 2000 workstations. I implemented password expiration per the microsoft recommended settings and chaos arose with almost each morning have 20-30 users locked out. Some the same users, sometimes not. I watched them change their password and they have no second machines.

I finally gave up and turned off password expiration, rebooted all servers, not just DC, ALL. It is still happening!!!

No McAfee either. Behind firewall as well.
 
Do you have a firewell? .... virus protection?

Ive have instances where we were gettn hit from the outside, and NT would lockout several accounts every day.
 
This may be a long shot, but the problem seems to have disappeared for me. I found that I had several printer queues defined on a server that had a public IP address. I moved the queues (which should NEVER have been there in the first place) to another server that only had a private IP.
 
yes, i have a firewall. there are about 80 accounts and they are all locking 4-5 times a day which is driving me crazy at this point. i have totally removed the policy and all are set as "not defined" and rebooted all servers. It is still doing it. i don't know where it is coming from now.

all w2k servers all w2k workstations.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top