Account lockout

windows active-directory

Microsoft provides some great add-ons which can help quite a bit with this. Here is a lint to those tools: Account Lockout and Management Tools

and here is some articles on how to use the tools: http://technet.microsoft.com/en-us/library/cc738772.aspx http://www.windowsecurity.com/articles/Implementing-Troubleshooting-Account-Lockout.html

The one which would probably be most helpful is the LockoutStatus.exe, as it will find all of the domain controllers in your forest/domain and return to you that last time in which there was an unsuccessful login attempt. It will also tell you if the account is locked on that DC, and provides you the ability to unlock at that site.


My first action would be to enable security loggin for failed logon and attempts on the domain security policy, this may give you some insight into what is causing the lockout.

Related

What inconsistencies should I expect between WAMP and LAMP stacks? [closed]
Should I install antivirus in Windows 7 RC XP Mode?
Google Contacts on IP phones via asterisk PBX
Good Linux podcasts/links for beginners [closed]
Using SQL Server 2008 Management studio to connect to SQL Server 2005 databases
Are there any FIPS-140-2 certified solutions for Linux? [closed]
How long should we wait before deploying Vista / Server2008 SP2
Web Designer Permissions on a Production Web Server [closed]
SQL Server 2005 Service Pack 3 won’t install
Installing Domain Controller on Hyper-V Host
The Gentoo live-cd shows my drives as "hda", but booting into my own kernel shows "sda" (therefore, boot fails). What should I do?
Redirecting to the IP of an amazon EC2 instance