You will need to enable audit logs and do some digging into the event logs to find the source computer. Then dig into the local computer event logs to find exactly what is causing the lockouts.
Here is a detailed guide that walks through the steps.
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
We have active directory domain in our environment. And we have a account lockout policy for maximum 3 wrong password count and Screen lockout policy after 5 min of inactive uses. The problem we face is, some time some account continuously getting locked.
You will need to enable audit logs and do some digging into the event logs to find the source computer. Then dig into the local computer event logs to find exactly what is causing the lockouts.
Here is a detailed guide that walks through the steps.
On the DC look for event ID 4740. On servers and computers look for event 4625. Both require audit policy to be configured.