Active Directory Account Automatically Lock Out

Chu Việt Duy 0 Reputation points
2023-09-09T01:58:10.5633333+00:00

We have active directory domain in our environment. And we have a account lockout policy for maximum 3 wrong password count and Screen lockout policy after 5 min of inactive uses. The problem we face is, some time some account continuously getting locked.

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
5,285 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,902 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,411 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Matt roberts 5 Reputation points
    2023-09-09T12:21:53.4266667+00:00

    You will need to enable audit logs and do some digging into the event logs to find the source computer. Then dig into the local computer event logs to find exactly what is causing the lockouts.

    Here is a detailed guide that walks through the steps.

    https://activedirectorypro.com/account-lockout-event-id/

    0 comments No comments

  2. Matt roberts 5 Reputation points
    2023-09-09T12:24:12.66+00:00

    On the DC look for event ID 4740. On servers and computers look for event 4625. Both require audit policy to be configured.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.