Does Microsoft have an account lockout tool for windows 2008 R2? I have random accounts locking out on my new 2008 R2 mixed mode domain and need more information as to why this is happening. I would like a tool that I would enter the users name and it would search the directory for why this is happening... I have already turned on logging in group policies. Thank You, Scott

Hello, Go to your DCs Security logs in event viewer. Once done, check logged events about lockouts and get the list of source computers. Once done, check if there is a service / application on these computers that are running under an old password or a wrong one. Also, check if these computers are infected by viruses / malware programs. More here: http://pbbergs.com/windows/articles/UserAccountLockoutTroubleshooting.html This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner 2010 / 2011 Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows 7, Configuring Microsoft Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations Microsoft Certified IT Professional: Enterprise Administrator Microsoft Certified IT Professional: Server Administrator Microsoft Certified Trainer

Hello, Go to your DCs Security logs in event viewer. Once done, check logged events about lockouts and get the list of source computers. Once done, check if there is a service / application on these computers that are running under an old password or a wrong one. Also, check if these computers are infected by viruses / malware programs. More here: http://pbbergs.com/windows/articles/UserAccountLockoutTroubleshooting.html This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner 2010 / 2011 Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows 7, Configuring Microsoft Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations Microsoft Certified IT Professional: Enterprise Administrator Microsoft Certified IT Professional: Server Administrator Microsoft Certified Trainer

Hi, Thank you for your post. In addition, check saved credentials in credentials Manager, use procemon to check the process with user Name column. In Windows 2008, you could use ADAC to show the account lockout details. Please read article below: You probably don't need ACCTINFO2.DLL If there are more inquiries on this issue, please feel free to let us know. Regards,Rick Tan TechNet Community Support

If these accounts are used for Scheduled Tasks this may apply: http://support.microsoft.com/kb/2548120

Hi, Thank you for your post. In addition, check saved credentials in credentials Manager, use procemon to check the process with user Name column. In Windows 2008, you could use ADAC to show the account lockout details. Please read article below: You probably don't need ACCTINFO2.DLL If there are more inquiries on this issue, please feel free to let us know. Regards,Rick Tan TechNet Community Support

If these accounts are used for Scheduled Tasks this may apply: http://support.microsoft.com/kb/2548120

Locked out again today. Last time was December 15th. This started after adding a 2008 R2 domain controller. I do not use my login for any network tasks. I am a member of the domain administrators group. My password is set to never expire. My security logs show no mention of an unsusessful login. I tried 5 times... An hour later my account was unlocked. STRANGE! Thank You, Scott

Make sure that you do not have any RDP sessions to any server left without logging off properly,as if you change your password and had these sessions, windows will keep trying to login every 2 hours using the wrong old password causing your account to be locked outMCSA: Messaging, MCSE, MCTS:BDD