Hi,
I have checked for 4625 event but not found single event for parrot ID. Also tried to run rundll32 keymgr.dll,KRShowKeyMgr command but got below result.
Any other option to find running processes using same ID.
Thanks,
Sachin
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi,
We have Domain Controller & Additional Domain controller in our environment. From last few days false event ID 4740 getting generated continuously for every second for Domain controller Administrator ID. Administrator account is not getting locked but event ID 4740 getting generates in Security event. We have not used administrator account for any service.
Thanks & Regards,
Sachin Shinde
Hi,
I have checked for 4625 event but not found single event for parrot ID. Also tried to run rundll32 keymgr.dll,KRShowKeyMgr command but got below result.
Any other option to find running processes using same ID.
Thanks,
Sachin
Hi,
Thanks for response. In client address no IP is showing.
Thanks,
Sachin Shinde
I'm also getting the same problem within a production environment and it is happening with several users and when I asked users about their account locked out, users have no answer for that like they haven't gotten any locked out prompt on their screen.
I have searched for all the logs within that specific DC but didn't get any information about the origin of that log or any reason for the account being locked out.
There is several DC configured in my environment but this is happening with only 3 DC.