Odd account lockout activity
From: Dr. T. (tony.sinkiewicz_at_rpu.org)
Date: 05/14/03
- Next message: Dr. T.: "Permissions"
- Previous message: Steven L Umbach: "Re: lost admin shares"
- In reply to: Kevin Whan: "Odd account lockout activity"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 14 May 2003 09:35:53 -0700
Are you running more than one domain? Is there an NT4
and an AD domain with migrated users?
Also check domain policy for expiration times on
passwords and lockouts.
Dr. T.
>-----Original Message-----
>Hi all,
>
>I received several calls today from users complaing that
>their account was locked out.
>
>Our policy is reasonably liberal - 5 logon attempts and
>reset after 20 minutes.
>
>I thought little of it until the third call when I
>started checking the status of all users and discovered
>that every account that I had not already reset was
>locked out.
>
>The only things I could think of that would cause this
is
>either an attempt to compromise the security within the
>timespan I was checking or some odd sort of corruption
in
>the SAM.
>
>I was unable to find any references in the Knowledgebase.
>
>Anyone have any ideas/experiences with this behaviour?
>
>Thanks in advance,
>
>Kevin Whan
>.
>
- Next message: Dr. T.: "Permissions"
- Previous message: Steven L Umbach: "Re: lost admin shares"
- In reply to: Kevin Whan: "Odd account lockout activity"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
