AD Account Lockout Checklist

less than 1 minute read


Checklist for finding out why an account keeps locking out of AD.

To Resolve:

  1. Check event ID’s: 529, 539, 644, 671, 675, 676, 681, 4771, 4625, 4740

  2. Scripts

  3. Credential Manager

  4. Scheduled tasks

  5. System Credential Manager (run psexec to open the system user, and check there),

  6. SQL agent jobs

  7. Third party RDP programs like RDTabs and Terminals.

  8. If none of the above, then turn on AD debug logging, netlogon issues can present themselves in wonky ways.

Spotted a mistake in this article? Why not suggest an edit!
Did you like the article? Donations are always welcome!