locked
AD accounts getting locked RRS feed

  • Question

  • We’re facing issue of frequent AD account locked out, we recently migrated domain controllers from 2008 to 2012 R2. 

    Event ID  1083 followed by 1955 

    Tuesday, December 15, 2015 12:35 PM

Answers

  • Hi,
     
    Could you please share more details about your environment? It's hard for us to troubleshoot the issue without complete knowledge of your AD configuration.
     
    I would agree with <Burak>, please first verify your replication with “repadmin /replsum” and “repadmin /showrepl” and see if there is any issue.
     
    Also, as per the KB article below, Event 1083 may occur if a duplicate object is present in Active Directory for the replication partner of the local domain controller. You might want to try the steps mentioned in it and see if that helps:
     
    https://support.microsoft.com/en-us/kb/296714
     
    Hope this helps.
     

    Regards,

    Ethan Hua


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com

    Wednesday, December 16, 2015 7:26 AM

All replies

  • Hi

     please upload the following files on OneDrive,

    - ipconfig /all (all DC's)

    - dcdiag

    - repadmin /replsum


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Tuesday, December 15, 2015 12:58 PM
  • Hi,
     
    Could you please share more details about your environment? It's hard for us to troubleshoot the issue without complete knowledge of your AD configuration.
     
    I would agree with <Burak>, please first verify your replication with “repadmin /replsum” and “repadmin /showrepl” and see if there is any issue.
     
    Also, as per the KB article below, Event 1083 may occur if a duplicate object is present in Active Directory for the replication partner of the local domain controller. You might want to try the steps mentioned in it and see if that helps:
     
    https://support.microsoft.com/en-us/kb/296714
     
    Hope this helps.
     

    Regards,

    Ethan Hua


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com

    Wednesday, December 16, 2015 7:26 AM
  • Also, have you tried using LOCKOUTSTATUS.EXE (available from Microsoft) to check, which machine are causing such issue ? You can download Lockoutstatus.Exe tool from here : https://www.microsoft.com/en-us/download/DETAILS.ASPX?DISPLAYLANG=EN&ID=18465

    This TechNet article can also be a nice approach that covers all the required steps in detail in order to troubleshoot account lockout issue and get rid from this soon : http://social.technet.microsoft.com/wiki/contents/articles/4585.account-locked-out-troubleshooting-eventcombmt.aspx

    And, Troubleshoot account lockouts and manage employee productivity



    Organizations who want increase their visibility as to what's happening in their IT environments but are perhaps limited on time, resources or budget. Lepide 2020 audit & change control suite provides instant access to see who, what, where and when changes are being made to Active Directory, Group Policy, SQL Servers, SharePoint, File Servers, Exchange Servers and more.

    Wednesday, December 16, 2015 8:04 AM
  • We’re facing issue of frequent AD account locked out, we recently migrated domain controllers from 2008 to 2012 R2. 

    Event ID  1083 followed by 1955 

    Exact same scenario for me - migration from 2008r2 to 2012r2 domain controllers and now this. 

    more details:

    the user logs in fine, by the time they open their browser (which connects through our smoothwall proxy via NTLM auth) the account is lockout and repeatedly prompts them to login.

    Quite baffled at the moment....Any help hugely appreciated!

    More Details (Again):

    repadmin /showrepl all return successful

    repadmin /replsum:

    Source DSA          largest delta    fails/total %%   error
          DC-001                   :51s            0 /   5    0
          DC-006                58m:53s        0 /   5    0


    Destination DSA     largest delta    fails/total %%   error
          DC-001                58m:59s          0 /   5    0
          DC-006                   :51s              0 /   5    0

    • Edited by Zenden8686 Wednesday, January 13, 2016 11:52 AM more info added
    Wednesday, January 13, 2016 11:32 AM