Services and user lockout

  • Thread starter Thread starter Andy
  • Start date Start date
A

Andy

Hi
Is their a utility which will list all services and the accounts they login
with on a machine. We have an admin user who changed his password and now
gets locked out every few minutes. We're guessing a service was using his
account/old password.

TIA
Andy
 
Hi Andy

You can see this in System Information.

Depending on the size of the environment, you may want to consider using the
account lockout tools and whitepaper ...

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/bpactlck.mspx

http://www.microsoft.com/downloads/...9C-91F3-4E63-8629-B999ADDE0B9E&displaylang=en

You can use LockoutStatus to see which domain controller is being hit with
the bad password attempts and then enable auditing on that DC to identify
the machine on which the bad attempts are coming from. Once you've got this
sorted out, you can try to find the service that's using the Admin account
or implement ALockout.dll to identify the offending process.

Kind regards
--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: (e-mail address removed)

Please note you'll need to strip ".online" from my email address to email
me; I'll post a response back to the group.

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Back
Top