Accounts Locked Out

[Darryl]

Hi,

From time to time users lock their accounts up by entering the wrong
password. Is there a way of being notified that they have done this, or even
being able to look this up in a log file on the server.

Thanks,

 

[Simon Geary]

So long as you have auditing of failed logon attempts enabled this
information will be stored in the Security log in Event Viewer of the
offending workstation and also the DC. What you then need is a way to check
all your event logs for specific events. This KB shows you how to do this
with dumpel.exe on an NT 4.0 domain but it looks as though it should work
with Windows 2000 as well.

http://support.microsoft.com/?id=171148

 

[Darryl]

Thanks for that, I can see when they are locking their accounts, but I only
wish I knew how! Its only a couple of users but so far between the two of
them they have locked their account 5 times......doh

 

[Simon Geary]

Account lockouts are a deceptively complex beast, here is some bedtime
reading for you which will help troubleshooting.

http://www.microsoft.com/technet/tr...ndowsserver2003/maintain/operate/BPACTLCK.asp