none
Active Directory Accounts are locked out (All Accounts) frequently RRS feed

  • Question

  • Dear Support,

    we had SMS 2003. now we had upgraded it to SCCM 2007. we dont know this problem is with SCCM 2007 or another.... our all 650 users are getting account lok out message............ this message we are getting after upgrading SCCM 2007. kindly help asap. its very urgent......... we have win 2003 standard edition with SP2...................

    Vishal Sharma

    Wednesday, April 21, 2010 2:52 PM

Answers

  • Check the Security Event Log on your Domain Controllers for the source IP or network node name of the machine causing the lockouts.  Isolate this machine from the network, and determine what is forcing it to try authentication against multiple user accounts.  It sounds like you have some software on your network used by all client machines that causes authentication to happen on behalf of the logged in user, similar to Windows Integrated Authentication.  Let us know what the roles are of the server that is found to be causing the issues.  It could be more than one network node at fault, but you have to find it first.  The last time I saw this problem, users had saved passwords to network servers on Windows XP machines.  You can see this screen by typing "control userpasswords2" at the run prompt, Windows Key + R.  Go to the advanced tab, and click Manage Passwords.
    • Marked as answer by Kevin Remde Sunday, May 23, 2010 1:12 PM
    Friday, April 23, 2010 4:37 PM

All replies

  • Please follow your question in the Directory Services forum

    http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/ab7bfa8d-779b-4e16-a119-33d5863218ad

     


    Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX http://blogs.sivarajan.com/ http://publications.sivarajan.com/ This posting is provided "AS IS" with no warranties, and confers no rights.
    Wednesday, April 21, 2010 8:41 PM
  • Check the Security Event Log on your Domain Controllers for the source IP or network node name of the machine causing the lockouts.  Isolate this machine from the network, and determine what is forcing it to try authentication against multiple user accounts.  It sounds like you have some software on your network used by all client machines that causes authentication to happen on behalf of the logged in user, similar to Windows Integrated Authentication.  Let us know what the roles are of the server that is found to be causing the issues.  It could be more than one network node at fault, but you have to find it first.  The last time I saw this problem, users had saved passwords to network servers on Windows XP machines.  You can see this screen by typing "control userpasswords2" at the run prompt, Windows Key + R.  Go to the advanced tab, and click Manage Passwords.
    • Marked as answer by Kevin Remde Sunday, May 23, 2010 1:12 PM
    Friday, April 23, 2010 4:37 PM
  • Looking back all the post.. is interesting to see this forum have grow

    Guowen Su
    Cisco Certified Network Associate
    Cisco Certified Internetwork professional - MPLS
    Certified Information Systems Security Professional
    Microsoft Partner Network 2011
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator:Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows 7, Configuring
    Microsoft Certified IT Professional: Enterprise Administrator
    Microsoft Certified IT Professional: Server Administrator
    Certified Ethical Hacker
    Computer Hacking Forensics Investigator
    Certified Sonicwall Security Administrator
    Microsoft Geeks

    Tuesday, June 19, 2012 2:52 AM