I had a very annoying case. Domain accounts got locked out. Every day, same accounts got locked out. Huh, what do you do when users start asking you to fix the problem, that lockouts got annoying, and that they can’t work anymore like this?
Well, when that happens you need to know what is causing this.
When I was troubleshooting domain lockouts, I published a small How to troubleshoot domain lockouts. I can tell you one thing, there are two possible cases. Easy and complicated. In the end you have to solve to problem. There are many reasons for domain lockout and in most cases, if you follow my check list, you can easily and quickly solve the problem.
But what can you do if you can’t find out what is causing domain lockouts?
- You can set up automatic rule to unlock locked out users
- Find the root cause
You can do both with Netwrix Account Lockout Examiner. Finding root cause is easy for most problems
- Services
- Mapped network drives
- Scheduled tasks
And the best feature is that you can find out originating computer / server.
NetWrix Account Lockout Examiner Review
How to pinpoint account lockout problem? It’s not easy.
Calvary is called NetWrix Account Lockout Examiner.Program is very simple to use. To start using it, you have to enter domain admin credentials, then you let the program do the magic. What I like about Lockout Examiner is the fact that it can help with both, you set up automatic unlock and you can finding origin of the problem. On the main screen you will immediately see locked out users in real time.
NetWrix Account Lockout Examiner presents simple screen where you can see in real time when users gets locked. When user is locked out of domain you can choose to examine that user – it examines locked user, computer, scheduled tasks… or you can unlock the user.
In a second you get data that is relevant for trouble shooting. What really matters here is that you will see which domain controller is affected. If user is terminal services user you will find out here that Terminal server is the issue for the lockout.
You get to know if user lockout originates from:
- Computer,
- Domain Controller,
- TMG,
- wrong password even stalled credentials.
- Lockouts can also be caused by Conficker/Downadup virus.
Network Account Lockout Examiner can help you find what is causing domain lockouts, you can easily discover the cause.
In my case It helped me to discovered a reason for user being locked – it was wrong proxy credential in Itunes. But there were more cases when It saved a lot of my time.
Sometimes it’s better to know before the user when the lockout happens, so that you can monitor situation immediately. You can set up notifications that in case users get locked, you receive email notification.
This program is a gem, it can save you a lot of time troubleshooting lockouts.
What else is cool?
You can install add on – web portal that enables you to examine / unlock users via browser (iPhone/Android users, how cool is that?). Not only that, it also enables you to examine lockouts on the go.
Best of all, NetWrix Account Lockout Examiner is available in two editions, FREE and paid. Free edition will help you find the problem.
So if this program is so good, is there a room for improvement?
Yes, it is. I would really love if it had an option that it would show you events from event log on the time of lock out. For instance, if lockout occurs in DC, I would love to see that event, if lockout occurs in TMG, I would love to see that event too, currently you need to see even log manually of that server. Program is regularly updated with features so I am certain this will be part in one of the next versions.
If you have lock out problems, you need to check NetWrix Account Lockout Examiner ASAP. It will save you a lot of time.
Leave a Reply