--On Wednesday, March 26, 2003 1:16 PM -0500 "Wright, Bill"
<[EMAIL PROTECTED]> wrote:
I have never posted to this board, so hopefully I'm following the
right procedures. My issue is that a user's account keeps getting
locked out due to an aggressive password policy (30 days) and he
claims that he isn't logged into multiple machines nor is he fat
fingering his password. Is anybody aware of a product to find out
where or how many Windows 2000 servers or workstations a user is
logged into? My thinking is that he's logged into multiple machines
under an old password that keeps locking him out.
I personally don't know of ways to determine the number or location(s)
of workstation(s) a user is logged in to, but here are other issues
that could be causing the account lockout on just the one workstation:
* A service that runs in the user's context instead of the SYSTEM
context and that occasionally has to communicate with a domain
server.
* Specialty software that has to store the user's password and that
communicates with a domain server and somehow passes that password
to the server.
* If you're using Exchange and the user has the mailbox open in
Outlook when he changes his password, Outlook will still touch the
Exchange server with the old password (like at mail checks). If the
user just locks his workstation and doesn't log out, the account will
keep getting locked out.
* Persistant network drive mappings can sometimes retain knowledge of
an old password.
--
Su Wadlow
[EMAIL PROTECTED]
Faculty/Staff Support
-------------------------------------------------------------------
SurfControl E-mail Filter puts the brakes on spam,
viruses and malicious code. Safeguard your business
critical communications. Download a free 30-day trial:
http://www.surfcontrol.com/go/zsfsbl1
