Skip to content
Rorymon Logo
  • Blogroll
  • About
  • Contact
Menu
  • Blogroll
  • About
  • Contact
Twitter
Linkedin
Rss
  • All Articles
  • Applications
    • App Compatibility
    • App Deployment
    • App Virtualization
      • App-V
        • Decision Matrix
        • App-V 4.x Recipes
        • App-V 5.x Recipes
        • App-V Videos
      • AppSense StrataApps
      • Cameyo
      • Evalaze
      • Frame
      • Numecent CloudPaging
      • P-Apps
      • ThinApp
      • Turbo
      • Workspace Streaming
      • XenApp Profiling
    • Containers
    • Layering
      • App Volumes
      • Citrix App Layering
      • FlexApp
      • Unidesk
  • Citrix
    • AppDNA
    • Citrix App Layering
    • Citrix Monitoring
    • Citrix Profiling
    • Citrix XenApp
  • Microsoft
    • ACT
    • Azure
    • BitLocker
    • Hyper-V
    • inTune
    • MDOP
      • AGPM
      • APP-V
      • DaRT
      • MBAM
      • MED-V
    • RDS
    • System Center
      • SCCM
      • SCOM
    • WDS
    • Windows
      • Windows 7
      • Windows 8
      • Windows 10
      • Windows Server 2012
  • VMware
    • App Volumes
    • ThinApp
  • Downloads
  • Podcast

How to Resolve Frequent AD Account Locks

  • Rory Monaghan
  • March 9, 2019
Share on reddit
Share on facebook
Share on twitter
Share on linkedin
System Administration

I’m surprised at how many people don’t seem to know about the Account Lock and Management Tools by Microsoft. When I work in an environment that doesn’t have some expensive third party AD management tools this is my go to and it’s really simple to use. It doesn’t get quite to the level of some other tools but it points you in the right direction!

Typically, I’ll unlock my account so I can work. I’ll keep the AD Tool open, pointed to my account or whatever account is having the issue and refresh it every 10 minutes or so. Pretty quickly I notice a bad password attempt getting registered under the Bad Pwd Count column. You may notice you see bad attempts against more than one Domain Controller, this is because it will reflect on your primary DC.

Eventually, I’ll notice which DC my account got locked on. You don’t have to wait for a lock to occur to figure this out. If you ran the tool when an account was already locked, you’ll most likely see something similar as in the above screenshot right away.

The beauty here is that I can right click on ADDC03 right in the tool and view the Event Viewer logs!

 

From this point, If I go to the Security logs and check for Audit Failure events around the time of my user’s last bad password attempt and grab the IpAddress from the event details, nine times out of ten, that’ll point me right to the service causing the lock. Just do an nslookup and you’ll have the hostname of your culprit.

In some cases this could be a machine I left myself locked on but not logged off. It could be an application like an IM service that is using my old cached credentials or any number of things. Either way, this tool can help tell you what that is.

Happy hunting!

Christian Wiediger

 

AD Account Lock Issues,My Account Keeps Locking,Unlock AD Account,Where are my credentials cached,Why does my account keep locking
PrevPreviousEpisode 62 – Windows Lite, Preview of Chromium Based Edge, USB 4 & More
NextEpisode 63 – Citrix Internal Network Breach, Chrome Zero Day, NGINX Acquisition & MoreNext
Rory Monaghan

Rory Monaghan

Microsoft MVP. Citrix CTA. IGEL Insider. VMware EUC Champion & vExpert.
Twitter
Linkedin
Rss
Vimeo
Youtube
Soundcloud

Get the App-V Decison Matrix and Interactive Tool.

See what the right deployment option for your applications is.
Let's Go!
FREE TOOL
Further Reading

Windows 10 Migration Checklist

Application packaging and virtualization services.
Learn More

Let's make virtualization EASIER!

Be amongst the first to know when I publish new reviews, guides and tools to simplify your virtualization projects.

Categories
  • All Articles
  • Application Compatibility
  • Application Virtualization
  • Containers
  • Citrix XenApp
  • Application Layering
Connect
  • Blogroll
  • About
  • Contact
Twitter
Linkedin
Rss
Vimeo
Youtube
Soundcloud
© Copyright Rorymon.com. All rights reserved 2021.
Privacy   |   Cookies
Marketing Services by Riabro.