Domain Controller in Windows Server 2003

10 pts.
Tags:
Domain Controller
Windows Server 2003
Windows server administration
Windows Server User Profiles
Hi, Pls I have a challenge with my Domain Controller. Recently, the DC just lock-out users' accounts ndiscriminately (i mean a user log-on today and wake up tommorrow and the account is locked out). I have to unlock users' account almost everyday. Pls what is responsible for this and what can I do?

Note: This was not happening before and I did not configure any security setting to warrant this.



Software/Hardware used:
Windows 2003

Answer Wiki

Thanks. We'll let you know when a new response is added.

By default Windows 2003 domains will lock a computer out if the incorrect password is used enough times. Sounds like someone is attempting to break into your domain through VPN, Outlook Web Access, or some other services which is exposed on the Internet.

=====================

It is very likely that there is some malware running loose on your network. We have seen the same thing happen due to virus infected machines. Take a look at my blog <a href=”http://itknowledgeexchange.techtarget.com/it-trenches/tracking-down-that-usercomputer-that-locks-ad-accounts/”>Tracking down that user/computer that locks AD accounts</a>. It could take a while to track down and correct the source of the problem if you have a very distributed environment (like we do).

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Gabe9527
    Have you made any changes lately to your AD environment? Do you have any policies that could be at fault? anything realy to help in finding the solution......
    10,955 pointsBadges:
    report
  • Gabe9527
    This may help you in finding out what is happening.... Account Lockout Tools http://technet.microsoft.com/en-us/library/cc738772%28WS.10%29.aspx This will give you the following informaiton # DC Name: Displays all domain controllers that are in the domain. # Site: Displays the sites in which the domain controllers reside. # UserState: Displays the status of the user and whether that user is locked out of their account. # Bad Pwd Count: Displays the number of bad logon attempts on each domain controller. This value confirms the .domain controllers that were involved in the account lockout. # Last Bad Pwd: Displays the time of the last logon attempt that used a bad password. # Pwd Last Set: Displays the value of the last good password or when the computer was last unlocked. # Lockout Time: Displays the time when the account was locked out. # Orig Lock: Displays the domain controller that locked the account (the domain controller that made the originating write to the LockoutTime attribute for that user). With this you might get hints as to what is doing this.
    10,955 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following