Re: 2 users getting locked out repeatedly
anonymous_at_discussions.microsoft.com
Date: 07/02/04
- Next message: Jeff Ferrell: "Can't turn off "Download File" alert when starting desktop applications"
- Previous message: anonymous_at_discussions.microsoft.com: "Re: 2 users getting locked out repeatedly"
- Maybe in reply to: anonymous_at_discussions.microsoft.com: "Re: 2 users getting locked out repeatedly"
- Next in thread: Joe Richards [MVP]: "Re: 2 users getting locked out repeatedly"
- Reply: Joe Richards [MVP]: "Re: 2 users getting locked out repeatedly"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 2 Jul 2004 05:10:13 -0700
Thanks Joe and all for the responses. It was a scheduled
task to autolock the pc and the password was wrong I am
sure. I removed the task and it is solved.
I found a GREAT tool on this great website joeware.net :)
secdata that helped me watch the bad pwd count...and
ironically enough, I was on your site Joe before coming
here :)
Thanks again for all the replies.
jeff
>-----Original Message-----
>They may not be typing bad passwords but they are being
sent. Look at the
>badPwdCount attribute for the users on all of the DCs.
You will probably see one
>DC and the PDC with the value around the lockout policy
amount.
>
>Go to the non-PDC and dump the security event log and
look for bad password
>events. Of course this assumes you have bad logon
attempts being logged, If you
>don't, turn it on. That should tell you what machine is
sending the bad
>attempts. Then you start going over that machine with a
fine tooth comb.
>
>--
>Joe Richards Microsoft MVP Windows Server Directory
Services
>www.joeware.net
>
>
>
>Jeff Ferrell wrote:
>> Greetings all,
>>
>> I have a strange situation. I have 2 users only of
about
>> 75 that keep getting their accounted locked out.
Happens
>> every day, typically after 4-5 hours of working
atleast
>> or so it seems. They don't have bad password attempts,
I
>> have tried to reset the account, expire the pwd and
>> change it, then the user would create a new password
and
>> the following day at some point, while working, it
would
>> lock her account.
>>
>> It is a Win2000 network, 3 DC's, 1 of which is across
a
>> T1 link. Both users are in the same OU. No one else in
>> that OU has issues, nor across the entire
organization. 2
>> servers including the PDC are at SP4, the one across
the
>> WAN link is at SP3. One person is typically only at
one
>> computer while the other is often at 2 at the same
time.
>>
>> Any ideas what could be going on? The event logs seem
>> fine, no errors. She also mentioned this all started
up 2
>> months ago after her password had expired.
>>
>> As I type this, she mentioned it locked her out. I
>> searched the entire Event Viewer logs and only found
her
>> account referenced for printing. This time she did
>> deliberatly put her password wrong 1 time, with 5
being
>> the point before lock out.
>>
>.
>
- Next message: Jeff Ferrell: "Can't turn off "Download File" alert when starting desktop applications"
- Previous message: anonymous_at_discussions.microsoft.com: "Re: 2 users getting locked out repeatedly"
- Maybe in reply to: anonymous_at_discussions.microsoft.com: "Re: 2 users getting locked out repeatedly"
- Next in thread: Joe Richards [MVP]: "Re: 2 users getting locked out repeatedly"
- Reply: Joe Richards [MVP]: "Re: 2 users getting locked out repeatedly"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
