Announcement

Collapse
No announcement yet.

Active Directory Object Cannot be displayed

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Active Directory Object Cannot be displayed

    Hi Everyone,
    We are using Server 2000, recently we have been having problems with all the accounts being locked out. So on Friday I went ahead and changed all the user names and passwords. Which by-the-way has not worked. The accounts are still being locked out. When I click on the users name in active directory users and computers, i receive an error message that says "a local error has occured."
    When I go up to the Domain and Open Up properties, I recieve the error "The Active Directory Object could not be displayed. A local error has occurred."
    I am not quite sure what this means, i am fairly new at my position, can you please help?? Thank You

  • #2
    Re: Active Directory Object Cannot be displayed

    Have you checked your domain controller event logs to see where the lockouts are being triggered (Event 644 in Server 2003, so probably the same in 2000)?

    I smell a virus if lots of accounts are getting locked

    Also check the event logs for the time you try to open user properties, and make sure you refresh ADUC before re-trying
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: Active Directory Object Cannot be displayed

      ok, so all of the event IDs are either 529, or 539... the 529 event is Unknown User name or bad password. 539 is the account is locked out. If it is a virus how do i get rid of it? is there some special software?

      Comment


      • #4
        Re: Active Directory Object Cannot be displayed

        Please tell us you have some antivirus software already?

        The symptoms sound like conficker, but you should find tools to help identify if you have a virus and what it is
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: Active Directory Object Cannot be displayed

          Yes We Do have antivirus software already. On the Server we have Symantec Antivirus. With that we have 18 quarantined items from the last 2 years.... I just rescanned my computer (server) which scanned 62151 files on all drives and have found 0 viruses. however, when i look at the File System Realtime Scan Statistics, in the Virus Infection Section, it does list a virus there. The name is w32 Downadup.B,
          Last edited by lovelytech; 29th June 2009, 21:37.

          Comment


          • #6
            Re: Active Directory Object Cannot be displayed

            Conficker (in one of its guises)
            http://www.symantec.com/security_res...123015-3826-99

            There are tools, but most assume Server 2003 and up. Since Server 2000 is no longer patched, you may have problems.
            http://www.google.co.uk/search?hl=en...ficker+b&meta=
            Tom Jones
            MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
            PhD, MSc, FIAP, MIITT
            IT Trainer / Consultant
            Ossian Ltd
            Scotland

            ** Remember to give credit where credit is due and leave reputation points where appropriate **

            Comment

            Working...
            X