Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations John Tel on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

My AD Account locks every hours 2

Status
Not open for further replies.
windowsfan

windowsfan

IS-IT--Management
Jan 26, 2007
237
US
My AD account is getting locked out every one to two hours. I am not able to figure out the cause, I could not find the cause of it from Event viewer of my PC or DC.

Any help on how to figure this out and fix it.
 
Sort by date Sort by votes
This is typcially happening because:
1. Someone is trying to use your account.
2. Something is running under your account and you have changed your password recently. It could be a service, scheduled task, etc.

Denny
MCSA (2003) / MCDBA (SQL 2000)
MCTS (SQL 2005 / Microsoft Windows SharePoint Services 3.0: Configuration / Microsoft Office SharePoint Server 2007: Configuration)
MCITP Database Administrator (SQL 2005) / Database Developer (SQL 2005)

--Anything is possible. All it takes is a little research. (Me)
[noevil]
 
Upvote 0 Downvote
Thanks for the reply Deny.
I am almost positive that nothing is running under my account (no services). It's a same issue with the other user. How can I figure out if my account is being used for services or schedule task?
 
Upvote 0 Downvote
you can check Services under Computer Management and see if your user account is listed anywhere under the Log On As column.
 
Upvote 0 Downvote
astaylor: I have already checked to make sure that that my account is not used to run any services, I also made sure that I do not have any disconnected session.

Roadki11: I have alockout.txt under c:\windows\debug, but I dont know how to figure out on what's locking my my account locked
Here's are the few entries from that file:
Files\LANDesk\LDClient\purgefile.exe,ALOCKOUT.DLL - dll_process_detatch
Fri Jun 29 08:54:06 2007, PID: 5920, Thread: 5148, Image C:\MSLock-out\LockoutStatus.exe,ALOCKOUT.DLL - DLL_PROCESS_ATTACH
Fri Jun 29 08:54:29 2007, PID: 5920, Thread: 5148, Image C:\MSLock-out\LockoutStatus.exe,ALOCKOUT.DLL - dll_process_detatch
Fri Jun 29 08:54:37 2007, PID: 3756, Thread: 4228, Image C:\WINDOWS\system32\mmc.exe,ALOCKOUT.DLL - DLL_PROCESS_ATTACH
Fri Jun 29 08:55:27 2007, PID: 5916, Thread: 3432, Image C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE,ALOCKOUT.DLL - DLL_PROCESS_ATTACH
Fri Jun 29 08:56:46 2007, PID: 4788, Thread: 5704, Image C:\WINDOWS\Explorer.EXE,***WNetUseConnectionW Failed!*** (5), Local: (null), Remote: \\, Password: Password was NULL, Window Title: , RC was: The network path was not found. (53), GLE was: The network path was not found. (53)
Fri Jun 29 08:56:46 2007, PID: 4788, Thread: 5704, Image C:\WINDOWS\Explorer.EXE,***WNetUseConnectionW Failed!*** (6), Local: (null), Remote: \\, Password: Password was NULL, Window Title: , RC was: The network path was not found. (53), GLE was: The network path was not found. (53)
Fri Jun 29 08:57:20 2007, PID: 5980, Thread: 4320, Image C:\WINDOWS\system32\NOTEPAD.EXE,ALOCKOUT.DLL - DLL_PROCESS_ATTACH

 
Upvote 0 Downvote
More than likely you will find that you are logged in on a machine somewhere with an old password. When the machine with the old password tries to check in witht he server it sends an old password which will eventually lock you out.

You can use the Microsoft Account Lockout and Management tools to troubleshoot this. Free download at:
Alternatively, The Spider's Parlor Admin Script Pack has a script to report lockout location. See link in sig...

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
Upvote 0 Downvote
hi Mark,
if you check my previous post, I got those entries by using account lock out management tools, but cannot figure out anyhthing form that.
 
Upvote 0 Downvote
Not sure what you're running to generate that log but I jsut use the account lockout tools GUI to find which DC the lockout occured on and then check the security log on that DC for the lockout event which should tell you what host the lockout happened which should be enough for you to figure out what's happening. If it's a desktop and you've checked for services I'd also look at mapped drives in case they were connected as the specific user (we occassionally have lockouts caused by manual mapping to Samba shares). If the lockout host is a server then check who's logged on it etc.
 
Upvote 0 Downvote
getLockoutLocation.vbs : Reports what users are locked out at machines provided in a list file (wslist.txt)

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
Upvote 0 Downvote
I was logged in to one of the server with old password. Logging off from that server took care of the lockout issue.

Thanks everyone.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
872
suncit
suncit
DrB0b
  • Locked
  • Question
Hybrid on prem AD with Azure AD
Replies
2
Views
378
DrB0b
DrB0b
goombawaho
  • Locked
  • Question
Microsoft Azure Active Directory - Backup Admin Account 1
Replies
2
Views
922
goombawaho
goombawaho
DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
561
DTGMI
DTGMI
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
736
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top