Now Available:

Featured Resource:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Greg.

« Backing up Virtual Server Transactional Databases Just Got Easier | Main | TNT Software to Release ELM v5.5 »

Accounts Repeatedly Getting Locked Out? Try the Account Lockout Tools...

Sometimes a recurring process or other mechanism finds itself with a bad user or service password. When that happens, often the result is a regularly locked out account. Tracking down these problems can be maddening, with the Security event log providing virtually no help.

But, while at the Minasi Forum in Virginia Beach this week, I talked with an attendee who reminded me about Microsoft's account lockout toolset. This free download from Microsoft includes a set of tools that you can use to track down those nasty repeated lockouts. None are a magic bullet, but all in combination provide an elevated situational awareness of the problem.

The tools include...

  • AcctInfo.dll. Helps isolate and troubleshoot account lockouts and to change a user's password on a domain controller in that user's site. It works by adding new property pages to user objects in the Active Directory Users and Computers Microsoft Management Console (MMC).
  • ALockout.dll. On the client computer, helps determine a process or application that is sending wrong credentials. Caution: Do not use this tool on servers that host network applications or services. Also, you should not use ALockout.dll on Exchange servers, because it may prevent the Exchange store from starting.
  • ALoInfo.exe. Displays all user account names and the age of their passwords.
  • EnableKerbLog.vbs. Used as a startup script, allows Kerberos to log on to all your clients that run Windows 2000 and later.
  • EventCombMT.exe. Gathers specific events from event logs of several different machines to one central location.
  • LockoutStatus.exe. Determines all the domain controllers that are involved in a lockout of a user in order to assist in gathering the logs. LockoutStatus.exe uses the NLParse.exe tool to parse Netlogon logs for specific Netlogon return status codes. It directs the output to a comma-separated value (.csv) file that you can sort further, if needed.
  • NLParse.exe. Used to extract and display desired entries from the Netlogon log files.

Get your copy of the tools here.

Tags:    
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Greg Shields on April 23, 2008 12:30 AM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-windowsserver.com/type/mt-tb.cgi/786

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Greg Shields' Bio:

Greg Shields, is an independent author, instructor, and IT consultant based in Denver, Colorado, and a co-founder of Concentrated Technology. With nearly 15 years of experience in information technology, Greg has developed extensive experience in systems administration, engineering, and architecture specializing in Microsoft systems management, remote application, and virtualization technologies. Greg is a Contributing Editor for Redmond Magazine, MCPmag.com, and Virtualization Review Magazine and is the author of five books, including Windows Server 2008:  What’s New / What’s Changed. Greg is also a highly sought-after instructor and speaker, speaking regularly at conferences like TechMentor Events, and producing computer-based training curriculum for CBT Nuggets.  Greg is a recipient of Microsoft "Most Valuable Professional" award with a specialization in Windows Terminal Services.