This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 0%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETT%3C/text%3E%3C/svg%3E)
Hello,
Several users at my job are getting locked out of their account due to too many login attempts even though they are claiming to have not attempted to log in for hours.
The security log shows an 'audit failure' with the device listed as our domain controller.
I've also gotten this with Kerberos listed as the device name.
Does anyone know if a service can be causing this? Or should I be more concerned about a brute force attempt?
Thank you
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 20%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hi @Tim Trotter ,
We have changed the tag from Azure AD Domain services to Windows Active Directory as the issue seems to be related to the active directory domain controller configured on the VM rather than the managed domain.
Hi @Tim Trotter
Have a look at this article, it might help identify why the accounts are being locked out.
https://nettools.net/troubleshoot-account-lockouts/
Gary.