Click here to get back home

User account locked out without explanation

 HomeNewsGroups | Search

get this group's latest topics as an RSS feed  microsoft.public.windows.server.security - Supporting MS Windows network? Read here before it's too late!

please rate
this thread
If you were  Registered and logged in, you could reply and use other advanced thread options
Posted by Brad on January 25, 2010, 10:23 am



We're running a W2K3 Active Directory environment.  We have a problem with
user's AD accounts getting locked out unexpectedly.  An examination of the
domain controller security event logs shows nothing like any bad password
attempts leading up to the lockout.  We did find a series of LSASRV events in
the local PC System log, Event IDs 40961, and 40961, and in the Application
log there were two USERENV events, IDs 1006 and 1030, coinciding exactly with
the time the accounts get locked out.  Google and Bing searches were not
fruitful.  I would appreciate any suggestions on where to look for
information that would shed light on what relation, if any, these events have
on the account getting locked out.

Posted by Meinolf Weber [MVP-DS] on January 25, 2010, 4:22 pm



Hello Brad,

Start with account lockout tools and also check for conficker, see the following
articles:
http://technet.microsoft.com/en-us/library/cc738772" target="_blank">http://technet.microsoft.com/en-us/library/cc738772(WS.10).aspx

http://www.microsoft.com/downloads/details.aspx?familyidzF2E69C-91F3-4E63-8629-B999ADDE0B9E&displaylang=en" target="_blank">http://www.microsoft.com/downloads/details.aspx?familyidzF2E69C-91F3-4E63-8629-B999ADDE0B9E&displaylang=en

http://support.microsoft.com/kb/109626" target="_blank">http://support.microsoft.com/kb/109626

http://www.pbbergs.com/windows/articles/UserAccountLockoutTroubleshooting.html

http://support.microsoft.com/kb/962007" target="_blank">http://support.microsoft.com/kb/962007

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm






Posted by shanmugam on June 27, 2010, 1:43 pm


 Brad wrote on 01/25/2010 10:23 ET :

has
 the same problem reads this thread in future..
 
 Lockout fixer is a free tool which lets you to quickly determine from where
the
 invalid credentials are coming.. You can download lockout fixer here:
 http://lockoutfixer.cz.cc/


Subject Author Date
User account locked out without explanation Brad 01-25-2010
If you were  Registered and logged in, you could reply and use other advanced thread options

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Driving a better car - Fuelzilla.com

Cabling site for homeowners and pros alike - Cabling-Design.com

1-Script XML SitemapXML Sitemap
Privacy Policy