It is very likely that this account is being used as a service account and the password was changed or the service was configured with an incorrect password for this account. Another possible culprit is scheduled task. Enabling netlogon logging will help you, as described in the Account Lockout and Management Tools article I posted here last week. This is where I would start. If your Forest is not huge, I have a vbscript that can go through all the computers in your forest and find if there is a service configured to use this account. The script makes WMI calls to each computer object and queries it, so it is not very fast. Email me offline if you are interested. Sincerely,
D�j� Ak�m�l�f�, MCSE MCSA MCP+I www.akomolafe.com www.iyaburo.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon ________________________________ From: [EMAIL PROTECTED] on behalf of Mike Hogenauer Sent: Tue 10/21/2003 1:36 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Account Lockouts I am having a weird lockout problem with just one account (which at this time cannot be deleted and re created) The account seems to lock itself out approximately every 20 or 30 minutes. I've tried using LDP.exe and binding to the Domain controller from where I get the event error to see if there is any duplicate entries in AD, none show up. I've also disabled any account lockout policy and this is the only account in the domain that is having the problem. Event Type: Warning Event Source: NTDS Replication Event Category: Replication Event ID: 1083 I've also move the account to another OU and forced replication, still after about 20 or 30 minutes the account becomes locked out again. Any suggestions? Thanks in advance. Mike Hogenauer SR. Systems Admin Rendition Networks, Inc. 10735 Willows Rd NE, Suite 150 Redmond, WA 98052 425.636.2148 | Fax: 425.497.1149
<<winmail.dat>>
