AD Account Lockout Checklist

less than 1 minute read

Description:

Checklist for finding out why an account keeps locking out of AD.

To Resolve:

  1. Check event ID’s: 529, 539, 644, 671, 675, 676, 681, 4771, 4625, 4740

  2. Scripts

  3. Credential Manager

  4. Scheduled tasks

  5. System Credential Manager (run psexec to open the system user, and check there),

  6. SQL agent jobs

  7. Third party RDP programs like RDTabs and Terminals.

  8. If none of the above, then turn on AD debug logging, netlogon issues can present themselves in wonky ways.

Comments

You May Also Enjoy