Locked Accounts

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

I recently had a problem with the antivirus service account on the network at work constantly getting locked out and couldn't track down where it was getting locked out. I came a cross altools.exe from Microsoft which helped solve the problem and I thought might be useful to some of you guys The tools included are

AcctInfo.dll. Helps isolate and troubleshoot account lockouts and to change a user's password on a domain controller in that user's site. It works by adding new property pages to user objects in the Active Directory Users and Computers Microsoft Management Console (MMC).

ALockout.dll. On the client computer, helps determine a process or application that is sending wrong credentials.

Caution: Do not use this tool on servers that host network applications or services. Also, you should not use ALockout.dll on Exchange servers, because it may prevent the Exchange store from starting.

ALoInfo.exe. Displays all user account names and the age of their passwords.

EnableKerbLog.vbs. Used as a startup script, allows Kerberos to log on to all your clients that run Windows 2000 and later.

EventCombMT.exe. Gathers specific events from event logs of several different machines to one central location.

LockoutStatus.exe. Determines all the domain controllers that are involved in a lockout of a user in order to assist in gathering the logs. LockoutStatus.exe uses the NLParse.exe tool to parse Netlogon logs for specific Netlogon return status codes. It directs the output to a comma-separated value (.csv) file that you can sort further, if needed.

NLParse.exe. Used to extract and display desired entries from the Netlogon log files.


The tool I used and turned out to be very useful was lockoutstatus.exe, you provide the account details of the account you are having a problem with and it returns a breakdown of all the domain controllers on your network with the status of he account on that particular server. The details include whether the account is locked out or not, time the account was locked, the number of bad passwords and the last time a bad password was provided.


Phil

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Nice, Phil - will have a good look at that one.

 

Top stuff Phil.

Are these tools part of any resource kit?

 

Not as far as I know nugget, I think they're just available as a download from MS. Took some searching before I came across them.