Question

Locked

Windows Server 2003 R2 AD user Account Lockout

By kunal.khandait ·
Hello,
We have got Windows 2003 R2 server as AD with around 900 users. The problem is that the user account get locked out frequently. Even if the user logins in for first time account is locked out. We are unable to sort out the issue.
Your valauable suggestions are required.

Thanks & Regards,
Kunal K.

This conversation is currently closed to new comments.

7 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Did you try ALTools.exe?

by BizIntelligence In reply to Windows Server 2003 R2 AD ...

I once had an issue with a user and got it resolved using ALTools.exe. You can use this tool to find out which account (not in your case) or process is sending wrong credentials. Please read following article and then download it.

http://www.windowsecurity.com/articles/Implementing-Troubleshooting-Account-Lockout.html

Good Luck !

Collapse -

Is this..

by tmalo627 In reply to Windows Server 2003 R2 AD ...

for any user account? Or are you having problems with one specific account? How are the accounts being created? Do you use a script or manually create them from the UI? What's the policy for password complexity and incorrect attempts? Is that a possible cause for the problem?

There's a lot to consider here.

Collapse -

windows server 2003 AD problem.

by kunal.khandait In reply to Is this..

Hello,
the error is for all accounts. accounts are being created manually. number of incorrect attempt is 5.
It would be great if you could help me in sorting out problem.

Thanks,
Kunal K.

Collapse -

Have you checked the expiration on the accounts?

by SKDTech In reply to Windows Server 2003 R2 AD ...

If you have a template account you are using for the creation of new accounts you need to check and make sure that they are not being marked as expired or disabled on creation.

Collapse -

MICROSOFT_AUTHENTICATION_PACKAGE_V1_0

by kunal.khandait In reply to Windows Server 2003 R2 AD ...

hello,
i have been analysing the logs and i have found event id 680 MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 package is giving pre-authentication error.
What can be cause ?

Thanks,
Kunal K.

Collapse -

ALTools again

by BizIntelligence In reply to MICROSOFT_AUTHENTICATION_ ...

MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 could be anything. Most likely IIS.

As I explained earlier ALtools can be very helpful to determine which software or process is sending credentials on client computers. It could be virus,spyware or some daily used software. But as long as you dont know what process is sending that request on client computer you can not find out the cause.

<b>ALockout.dll (part of ALTOOLS)</b>
This tool creates a log file that can help you diagnose the cause of account lockout problems. Extract the files from ALockout.zip (for Windows 2000) or AlockoutXP.zip (for Windows XP) and copy them the computer experiencing the lockout problems (usually a user's workstation). Copy ALockout.dll to the System32 directory and double-click on Appinit.reg to register the DLL. Then restart the machine and when the lockout problem happens again you can view the log file %WinDir%\debug\ALockout.txt to troubleshoot.

More Info at: http://www.windowsecurity.com/articles/Implementing-Troubleshooting-Account-Lockout.html


By the way. what's the event ID? Can you please paste information about that event?

Cheers !

Collapse -

Got the Solution..

by kunal.khandait In reply to Windows Server 2003 R2 AD ...

Hello,
Actually our network was infected by CONFLICKER which was causing the problem. Now things have sorted out.

Thanks everyone for great help..

Thanks & Regards,
Kunal K.

Back to Networks Forum
7 total posts (Page 1 of 1)  

Related Forums