Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Active Directory - Domain User Auto Lock


  • Please log in to reply
2 replies to this topic

#1 Shahrul

Shahrul

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:04:05 AM

Posted 20 July 2017 - 04:12 AM

Hi,

 

I have AD server running on window server 2008 R2 Standard. Recently, our user having issue like account auto lock after 1st or 2nd attempt and sometimes account have been lock by itself when user want to login.

 

I don`t have any clue how to check on this issue, please help.

 

Thanks in advance.



BC AdBot (Login to Remove)

 


m

#2 sflatechguy

sflatechguy

  • BC Advisor
  • 2,126 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:05 PM

Posted 27 July 2017 - 10:09 AM

The only thing that would lock their account is if they entered their password incorrectly. Check the account lockout settings in the default domain group policy. See if the policy is set to require an admin to unlock the user's account -- if the account lockout duration is set to zero, then users must contact an admin to have their account unlocked.

 

You should also look at the account lockout threshhold (how many failed attempts before the account is locked) and the reset lockout counter (the time the user must wait before the lockout is lifted and they can try their password again).

 

You can also look at the Security logs in Event Viewer on both the computer the user tries to log in on, and the domain controllers the users authenticate to.



#3 DelPomerinke

DelPomerinke

  • Malware Study Hall Sophomore
  • 37 posts
  • OFFLINE
  •  
  • Local time:01:05 PM

Posted 03 August 2017 - 02:08 PM

AD account lockouts can often be caused by Mobile devices  (Email sync) or configuring Services to run as user account and then after a force PW Update will use 'old' PW and lock the account.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users