Active Directory – Account Get Locked Randomly

Home Forums Microsoft Networking and Management Services Active Directory Active Directory – Account Get Locked Randomly

This topic contains 4 replies, has 4 voices, and was last updated by Blood Blood 1 week, 2 days ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts

  • Shahrul
    Participant
    #612050

    Hi Good Day,

    O/S : Windows Server 2008 Enterprise, running Active Directory

    Issue: Account locked out user randomly

    Troubleshooting (TS) done so far for user getting account locked

    1. Full scanning using Symantec anti-virus  (PC is clean after scanning)
    2. Remove all password in the credential manager
    3. Remove all mapped drive
    4. Change to complicated password

    After done all the TS still account locked, I lost right now and not sure what to checked.

    Hope anyone can help.

    Thanks.


    Ossian
    Moderator
    #612052

    Have you removed cached credentials everywhere (not just on one PC)?

    Are you auditing account login events – if so, see where the logins are coming from


    Shahrul
    Participant
    #612053

    Have you removed cached credentials everywhere (not just on one PC)? – Yes, I have remove all cached credentials for all PC that have been locked by AD.

    Are you auditing account login events – if so, see where the logins are coming from – Are you referring to event viewer (security logs), if yes, I have checked all PC that been locked coming from correct PC. If not can you elaborate more on this.


    wullieb1
    Moderator
    #612270

    Have you used the Account Lockout Status tool from here?

    https://www.microsoft.com/en-au/download/details.aspx?id=15201

    This will help you determine which DC is locking the account and subsequently help to look for the logs on the DC which will point to a device.

    This guide might also help

    Troubleshooting Active Directory Account Lockout

    Blood
    Blood
    Moderator
    #612790

    I experienced this with my own account a few months ago. I tried all the above without success. What caused my issue was that I had a local account on my domain-joined PC that used the same name as my AD account. For example, to log on locally I would use pcname\blood and for my domain log on I would use domain\blood.

    This was solved by renaming my local account to bloody. I experienced one more lockout after the change, but since then it has all been fine.

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.