ShahrulParticipantDecember 23, 2018 at 8:42 pm #612050
Hi Good Day,
O/S : Windows Server 2008 Enterprise, running Active Directory
Issue: Account locked out user randomly
Troubleshooting (TS) done so far for user getting account locked
1. Full scanning using Symantec anti-virus (PC is clean after scanning)
2. Remove all password in the credential manager
3. Remove all mapped drive
4. Change to complicated password
After done all the TS still account locked, I lost right now and not sure what to checked.
Hope anyone can help.
OssianModeratorDecember 24, 2018 at 3:28 am #612052
Have you removed cached credentials everywhere (not just on one PC)?
Are you auditing account login events – if so, see where the logins are coming from
ShahrulParticipantDecember 24, 2018 at 4:41 am #612053
Have you removed cached credentials everywhere (not just on one PC)? – Yes, I have remove all cached credentials for all PC that have been locked by AD.
Are you auditing account login events – if so, see where the logins are coming from – Are you referring to event viewer (security logs), if yes, I have checked all PC that been locked coming from correct PC. If not can you elaborate more on this.
wullieb1ModeratorDecember 27, 2018 at 12:03 am #612270
Have you used the Account Lockout Status tool from here?
This will help you determine which DC is locking the account and subsequently help to look for the logs on the DC which will point to a device.
This guide might also help
BloodModeratorJanuary 8, 2019 at 3:55 am #612790
I experienced this with my own account a few months ago. I tried all the above without success. What caused my issue was that I had a local account on my domain-joined PC that used the same name as my AD account. For example, to log on locally I would use pcname\blood and for my domain log on I would use domain\blood.
This was solved by renaming my local account to bloody. I experienced one more lockout after the change, but since then it has all been fine.
You must be logged in to reply to this topic.