Announcement

Collapse
No announcement yet.

Account Lockouts in Citrix (split after thread Hijack)

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Account Lockouts in Citrix (split after thread Hijack)

    I had this issue and couldn't find a tool that was any good, so i went about searching another method. Here is what I found and tested so know its working.
    I created two batch files, one which is on my desktop and another which is on a network share. The first one will run the second batch file with domain admin credentials.

    runas /User:domain\user "\\server\Scripts\quser.bat"

    Below is the 2nd batch file which will query the logged on users of each server. I just check the results in the script window and check which users are logged onto which server.

    @echo on
    echo *********quser.bat *****************************
    echo *********terminal servers showing logged on users *****
    quser /server:server1
    quser /server:server2
    quser /server:server3
    quser /server:server4
    pause


    next i'd either use terminal services manager or rdp to the server and logoff the session.
    This can also be done from the command line (ran with domain admin credentials
    logoff 2 /SERVER:server1
    the 2 been the session id given from the 2nd batch file.
    Hope this helps.

    (EDIT: This isn't exactly what you asked for, but its a good way to check if they are getting locked out for active sessions)
    Last edited by uk_network; 17th December 2012, 20:06.
    Please remember to award reputation points if you have received good advice.
    I do tend to think 'outside the box' so others may not always share the same views.

    MCITP -W7,
    MCSA+Messaging, CCENT, ICND2 slowly getting around to.

  • #2
    Re: Account Lockouts

    How can an account get locked out for active session?

    Comment


    • #3
      Re: Account Lockouts

      In my case people usually are logged on by citrix, then log on to a different terminal server and never end their disconnected sessions.
      Then change their password and their account just locks out all the time.

      This tool might be of more use to you, LockoutStatus.exe
      http://www.microsoft.com/en-us/downl....aspx?id=15201
      Last edited by uk_network; 17th December 2012, 21:53.
      Please remember to award reputation points if you have received good advice.
      I do tend to think 'outside the box' so others may not always share the same views.

      MCITP -W7,
      MCSA+Messaging, CCENT, ICND2 slowly getting around to.

      Comment


      • #4
        Re: Account Lockouts

        How can an account get locked out for active session?


        Is it possible that you have a disconnected session with your user account on that server? If you recently changed your password, then any disconnected but active sessions on a server/workstation could result in something like that.

        If not:

        I would try and enable process tracking in addition to logon tracking. This will enable you to see which process was started at the time the logon failure and ultimately the lock-out occurred.

        On Win2k8 those event ids are 4688 when a process starts, and 4689 when the process exits. Deciphering that can a bit tricky though.

        You could try and install an evaluation version of EventSentry, which normalizes logon and process data and stores it in a database for easy searching. E.g., you can see which processes were running at the time, search through logon events across multiple servers and so forth. However, setting up EventSentry just for this purpose might be overkill.

        Did you check your scheduled tasks to make sure no tasks are configured under your user account?

        Well if you have tested different tool Such as Al tool i suggest you to test a third party tool such as Lepide Active Directory Self Service. This tool will give an alert notification each time when ever you log in to your accounts. Try it out

        http://www.lepide.com/active-directo...f-service.html

        Comment

        Working...
        X