General discussion

Locked

Account Lockout after password change

By PneumaticOne ·
Recently after implementing active directory - the former admin that did the implementation has left. Since then - a policy that he instated to force password changes every 30 days has created a nightmare. Our users tend to use multiple simultanous logins to different machines in the domain. If the user is not logged out of all machines but the one he changing his password from -this will later cause acct lockout. The only resolution we've found is to have the user find all machines logged into, and then logout - then unlock and reset him. However it's often difficult to find everywhere he forgot to log out. Is there a tool to view all sessions open on a domain under his/her acct and track down the culprit a bit easier?

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Account Lockout after password change

by Joseph Moore In reply to Account Lockout after pas ...

There is a free tool, WHOAMI.EXE, that tells you who is logged into a local machine. Unfortunately, this tool does NOT work remotely. You can't check a remote machine. Dang!
But, I have figured out a long, complicated method to do something that I think will work: download this tool, and install it on all machines.
Then, set up a Scheduled Task to run it every morning, and have it write the output to a text file. Have all the workstations write to the same text file. They should append to thefile, so you could then check the text file for all entries written.
Now, all you will get is an entry like this:
domain\username
That won't help too much. So, add an IPCONFIG before the WHOAMI to the the IP address for the worstation that is logged in by that user.
So, you would have the IP config info (including the IP address), then the user info.
But, if you need have a problem today, and this runs for weeks, it would get to be hard to figure out who is logged into machine X now, and who was logged into machine X 2 weeks ago.
So, add the TIME /T command, to get the time added to the whole thing. That only displays the current time that this is ran.
So, you have the IP address, the user name, and the time. But what day?
DATE /TThat gives you the date also!

So, here is what I would really do. Set up a BAT batch file. Run it every day in the morning as the Scheduled Task. Set up the BAT file like this:

@echo off
date /t
time /t
whoami
ipconfig

And in the Scheduled Task, have it send its output to a file by adding the >FILENAME.TXT to the end of the schedule command line. And here is what you will get:
(see next)

Collapse -

Account Lockout after password change

by Joseph Moore In reply to Account Lockout after pas ...

Wed 09/12/2001
7:16p
DOMAIN\USER_NAME


Windows NT IP Configuration


Ethernet adapter ACCXXXX:


IP Address. . . . . . . . . : 10.1.1.211

Subnet Mask . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . : 10.1.1.1
I realize this is ugly, but it will work, if you think about it.
Maybe someone else will have a more elegant solution.

Collapse -

Account Lockout after password change

by Joseph Moore In reply to Account Lockout after pas ...

I forgot to list the URL to get WHOAMI.EXE. It is from Microsoft:
http://www.microsoft.com/windows2000/techinfo/reskit/tools/existing/whoami-o.asp
(please remove any spaces)

Hope this helps

Back to Windows Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums