|
We
have changed his password to what he thinks it is but it hasn't helped. I
don't believe he has installed a service with a different password but I'll
double check. We are auditing bad logons but he doesn't have them showing
up. He can log in fine once his password is unlocked. He is fine for
awhile, then gets locked out again while he is working.
Why not just change the password to what he thinks he it
is? Is he able to login at all? Are you able to see where the bad
logins are coming from? Could he have possibly installed a service on
the win2k machine using a different password?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
K.Borndale
----- Original Message -----
Sent: Wednesday, August 22, 2001 9:00
AM
Subject: ID Monitoring??
I have a user who is constantly getting locked out of his
account. He
claims that he isn't typing in a bad password 3 times
(the lockout number)
but that it just suddenly happens. What is the
best way to monitor his ID
to determine what and when the bad password
attempts are happening? In
checking through the event logs on the
BDC's I don't see anything, or else
I'm not recognizing it for what it
is.
I am in an NT4 domain. We have multiple BDC's. The
user is having this
problem when they log on locally to the network and
also when RASing in.
They have 2 machines, a W2K and a Win98 machine that
they use.
Any help is appreciated.
Marc
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
|
