account locked out multiple times per day
- From: Joseph O'Brien <obrien1984@xxxxxxxxxxx>
- Date: Thu, 19 Jul 2007 06:58:41 -0700
I'm having a bizarre problem with an account that gets locked out
multiple times per day.
My account was previously a member of the domain admins group for a
long time. Bad, I know. So, recently I pulled the account from domain
admins and made it a member of domain users.
However, it seems like if I'm not a member of domain admins, my
account gets locked out every hour or two. From the SBS 2003 security
logs:
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 539
Date: 7/18/2007
Time: 3:50:42 PM
User: NT AUTHORITY\SYSTEM
Computer: BIGSERVER01
Description:
Logon Failure:
Reason: Account locked out
User Name: jobrien
Domain: SERVER01
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: 606
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: 192.168.1.138
Source Port: 2193
Prior to this entry are multiple success audits from my account and
others, which seems normal.
I have checked my machine and others for scheduled processes that
might be running with my username, etc., but I don't see anything
unusual. The security policy is set to lock out accounts after 50
invalid login attempts. I assume that those invalid attempts should
show up in the security log, which they do not.
Can anyone give me advice on how to troubleshoot this?
Thanks.
Joseph
.
- Follow-Ups:
- Re: account locked out multiple times per day
- From: Henry Craven {SBS-MVP}
- Re: account locked out multiple times per day
- Prev by Date: RE: Remote Access Issue
- Next by Date: RE: Remote Access Issue
- Previous by thread: high disk activity during Exchange maintenance
- Next by thread: Re: account locked out multiple times per day
- Index(es):
Relevant Pages
|
