-----Original Message-----
See the link below for a good resource. Enable auditing of account logon
events on the domain controller and logon events on the other computers for
at least failure and look in the security log in Event Viewer for failed
logons. You can use Event Comb as described in the white paper to scan the
computer logs for particular events. The problem could be another user
intentionally locking him out, that he is logged onto another computer
somewhere with an expired password [maybe a Terminal Server session],
Scheduled Tasks with expired password, mapped drives using expired password,
a service using his account [though unlikely], XP Pro using saved
credentials with an expired password, etc. --- Steve
http://www.microsoft.com/technet/prodtechnol/windowsserver 2003/technologies/security/bpactlck.mspx
Domain controller on Windows NT, RAS on Windows 2000,
client on Windows 2000 ... this user gets locked out
frequently. Can someone give me some hints as to
what/where to look, to what's causing this?
I would very much appreciate it. This user is my CEO.
.
