We use ManageEngine ADAudit for this. It's reasonably priced and a lot easier than searching event IDs in the AD logs.
On Mon, Apr 14, 2014 at 4:03 PM, Danny Eaton <[email protected]> wrote:

> I had this problem due to a VM trying to connect to a shared network drive
> using cached credentials and locking out the account. I'll pass this info
> on to my AD folks - thanks!
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[email protected]] *On Behalf Of* Jeffrey Sessler
> *Sent:* Monday, April 14, 2014 4:00 PM
> *To:* [email protected]
> *Subject:* Re: [WIRELESS-LAN] account lockouts when changing passwords
>
> If you're using AD as your authentication source, look at implementing
> "Password history check (N-2)"
>
> With Password history check (N-2), as long as the password being used is
> one of the last two in the history file, the bad password count is not
> incremented... thus, no account lockout when using an old, but valid
> password. That is, while the user can't authenticate using the old password
> (it still fails as an incorrect password), account lockout doesn't occur.
> It works around the problem where a user changes their password on, say,
> their desktop, and then their mobile device instantly locks their account
> as it attempts to auth on WPA.
>
> Jeff
>
> ********** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
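The bad-password counting described in the quoted message, modelled as an added example (not part of the thread and not Active Directory code). The lockout threshold of 3, the class and function names, and the passwords are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class Account:
    """Toy model of an account's lockout state (hypothetical, not AD code)."""
    password: str                 # a real directory compares stored hashes
    threshold: int = 3            # assumed lockout threshold
    n2_check: bool = True         # apply the N-2 history check
    history: list = field(default_factory=list)  # old passwords, newest first
    bad_count: int = 0
    locked: bool = False

    def change_password(self, new):
        self.history.insert(0, self.password)
        self.password = new

    def authenticate(self, attempt):
        if self.locked:
            return False
        if attempt == self.password:
            self.bad_count = 0
            return True
        # One of the last two old passwords: still rejected, but with the
        # N-2 check enabled the bad password count is left alone.
        if not (self.n2_check and attempt in self.history[:2]):
            self.bad_count += 1
            self.locked = self.bad_count >= self.threshold
        return False


def replay_stale_device(n2_check, retries=5):
    """Password changed on the desktop; a phone keeps retrying the old one."""
    acct = Account(password="Spring2014!", n2_check=n2_check)  # constructed
    acct.change_password("Summer2014!")
    results = [acct.authenticate("Spring2014!") for _ in range(retries)]
    return acct, results


def replay_guessing(retries=3):
    """Passwords that were never valid still count, even with N-2 enabled."""
    acct = Account(password="Spring2014!", n2_check=True)
    acct.change_password("Summer2014!")
    for i in range(retries):
        acct.authenticate(f"guess-{i}")
    return acct
```

With the check enabled the stale device never authenticates and never locks the account; password guessing still reaches the threshold, so the lockout policy keeps its purpose.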
