Go Back   TechArena Community > Technical Support > Computer Help > Windows Server > Active Directory
Become a Member!
Forgot your username/password?
Register Tags Active Topics RSS Search Mark Forums Read

Sponsored Links



Event ID 1083 & 1955 and account locks

Active Directory


Reply
 
Thread Tools Search this Thread
  #1  
Old 13-04-2007
jmp13
 
Posts: n/a
Event ID 1083 & 1955 and account locks

Experiencing user accounts getting locked out for no reason. The default
domain policy has no restrictions. Trying to troubleshoot the problem so it
was turned off. It used to be set to 3 for the account lockout policy for bad
login attempts. In the middle of a domain migration from NT4 to 2003 with
Exchange 5.5 to 2003 migration. This issue just started a few weeks ago. My
question is could the the 1083 event ids in the DS log be related to the
account lockout issue. Any other suggestions in trying to find out why
accounts lockout?

Reply With Quote
  #2  
Old 13-04-2007
Hayman Ezzeldin
 
Posts: n/a
Re: Event ID 1083 & 1955 and account locks

Dear Jmp13,
These usernames that get locked out are assigned to users or services?

"jmp13" <jmp13@discussions.microsoft.com> wrote in message
news:560D21DB-CE25-43A8-8AC9-593236D9C1FE@microsoft.com...
> Experiencing user accounts getting locked out for no reason. The default
> domain policy has no restrictions. Trying to troubleshoot the problem so
> it
> was turned off. It used to be set to 3 for the account lockout policy for
> bad
> login attempts. In the middle of a domain migration from NT4 to 2003 with
> Exchange 5.5 to 2003 migration. This issue just started a few weeks ago.
> My
> question is could the the 1083 event ids in the DS log be related to the
> account lockout issue. Any other suggestions in trying to find out why
> accounts lockout?



Reply With Quote
  #3  
Old 13-04-2007
Hayman Ezzeldin
 
Posts: n/a
Re: Event ID 1083 & 1955 and account locks

Dear Jmp13
Another few things to try
1- Firstly, ensure that the DNS zone for your domain allows Dynamic Updates
(secure only) and make it AD-Integrated if it isn't already.
2- You should also ensure that your GC is online and operating and that all
clients are pointing to right DCs for DNS (in their TCP/ IP settings).
3- After doing this install "Support Tools" from the Windows 2003 CD.
4- Run REPLMON, check replication and force replication.
5- If replication is successful, run DCDIAG /V /C and NETDIAG /V and look to
see if there are any errors and/ or failures

Best regards

"jmp13" <jmp13@discussions.microsoft.com> wrote in message
news:560D21DB-CE25-43A8-8AC9-593236D9C1FE@microsoft.com...
> Experiencing user accounts getting locked out for no reason. The default
> domain policy has no restrictions. Trying to troubleshoot the problem so
> it
> was turned off. It used to be set to 3 for the account lockout policy for
> bad
> login attempts. In the middle of a domain migration from NT4 to 2003 with
> Exchange 5.5 to 2003 migration. This issue just started a few weeks ago.
> My
> question is could the the 1083 event ids in the DS log be related to the
> account lockout issue. Any other suggestions in trying to find out why
> accounts lockout?



Reply With Quote
  #4  
Old 14-04-2007
jmp13
 
Posts: n/a
Re: Event ID 1083 & 1955 and account locks

Did most of that - everything is fine. DNS is pointing to the NT world. I
will go test that out.

These are user accounts that have been migrated from NT.

"Hayman Ezzeldin" wrote:

> Dear Jmp13
> Another few things to try
> 1- Firstly, ensure that the DNS zone for your domain allows Dynamic Updates
> (secure only) and make it AD-Integrated if it isn't already.
> 2- You should also ensure that your GC is online and operating and that all
> clients are pointing to right DCs for DNS (in their TCP/ IP settings).
> 3- After doing this install "Support Tools" from the Windows 2003 CD.
> 4- Run REPLMON, check replication and force replication.
> 5- If replication is successful, run DCDIAG /V /C and NETDIAG /V and look to
> see if there are any errors and/ or failures
>
> Best regards
>
> "jmp13" <jmp13@discussions.microsoft.com> wrote in message
> news:560D21DB-CE25-43A8-8AC9-593236D9C1FE@microsoft.com...
> > Experiencing user accounts getting locked out for no reason. The default
> > domain policy has no restrictions. Trying to troubleshoot the problem so
> > it
> > was turned off. It used to be set to 3 for the account lockout policy for
> > bad
> > login attempts. In the middle of a domain migration from NT4 to 2003 with
> > Exchange 5.5 to 2003 migration. This issue just started a few weeks ago.
> > My
> > question is could the the 1083 event ids in the DS log be related to the
> > account lockout issue. Any other suggestions in trying to find out why
> > accounts lockout?

>
>
>

Reply With Quote
  #5  
Old 16-04-2007
jmp13
 
Posts: n/a
Re: Event ID 1083 & 1955 and account locks

Changing the clients DNS did not work. Any other suggestions? It is only
happening to a few of the accounts that have been migrated.

"jmp13" wrote:

> Did most of that - everything is fine. DNS is pointing to the NT world. I
> will go test that out.
>
> These are user accounts that have been migrated from NT.
>
> "Hayman Ezzeldin" wrote:
>
> > Dear Jmp13
> > Another few things to try
> > 1- Firstly, ensure that the DNS zone for your domain allows Dynamic Updates
> > (secure only) and make it AD-Integrated if it isn't already.
> > 2- You should also ensure that your GC is online and operating and that all
> > clients are pointing to right DCs for DNS (in their TCP/ IP settings).
> > 3- After doing this install "Support Tools" from the Windows 2003 CD.
> > 4- Run REPLMON, check replication and force replication.
> > 5- If replication is successful, run DCDIAG /V /C and NETDIAG /V and look to
> > see if there are any errors and/ or failures
> >
> > Best regards
> >
> > "jmp13" <jmp13@discussions.microsoft.com> wrote in message
> > news:560D21DB-CE25-43A8-8AC9-593236D9C1FE@microsoft.com...
> > > Experiencing user accounts getting locked out for no reason. The default
> > > domain policy has no restrictions. Trying to troubleshoot the problem so
> > > it
> > > was turned off. It used to be set to 3 for the account lockout policy for
> > > bad
> > > login attempts. In the middle of a domain migration from NT4 to 2003 with
> > > Exchange 5.5 to 2003 migration. This issue just started a few weeks ago.
> > > My
> > > question is could the the 1083 event ids in the DS log be related to the
> > > account lockout issue. Any other suggestions in trying to find out why
> > > accounts lockout?

> >
> >
> >

Reply With Quote
  #6  
Old 17-04-2007
Harj
 
Posts: n/a
Re: Event ID 1083 & 1955 and account locks

On Apr 16, 9:42 am, jmp13 <j...@discussions.microsoft.com> wrote:
> Changing the clients DNS did not work. Any other suggestions? It is only
> happening to a few of the accounts that have been migrated.
>
>
>
> "jmp13" wrote:
> > Did most of that - everything is fine. DNS is pointing to the NT world. I
> > will go test that out.

>
> > These are user accounts that have been migrated from NT.

>
> > "Hayman Ezzeldin" wrote:

>
> > > Dear Jmp13
> > > Another few things to try
> > > 1- Firstly, ensure that the DNS zone for your domain allows Dynamic Updates
> > > (secure only) and make it AD-Integrated if it isn't already.
> > > 2- You should also ensure that your GC is online and operating and that all
> > > clients are pointing to right DCs for DNS (in their TCP/ IP settings).
> > > 3- After doing this install "Support Tools" from the Windows 2003 CD.
> > > 4- Run REPLMON, check replication and force replication.
> > > 5- If replication is successful, run DCDIAG /V /C and NETDIAG /V and look to
> > > see if there are any errors and/ or failures

>
> > > Best regards

>
> > > "jmp13" <j...@discussions.microsoft.com> wrote in message
> > >news:560D21DB-CE25-43A8-8AC9-593236D9C1FE@microsoft.com...
> > > > Experiencing user accounts getting locked out for no reason. The default
> > > > domain policy has no restrictions. Trying to troubleshoot the problem so
> > > > it
> > > > was turned off. It used to be set to 3 for the account lockout policy for
> > > > bad
> > > > login attempts. In the middle of a domain migration from NT4 to 2003 with
> > > > Exchange 5.5 to 2003 migration. This issue just started a few weeks ago.
> > > > My
> > > > question is could the the 1083 event ids in the DS log be related to the
> > > > account lockout issue. Any other suggestions in trying to find out why
> > > > accounts lockout?- Hide quoted text -

>
> - Show quoted text -



Hi,

>> It used to be set to 3 for the account lockout policy for bad

login attempts.

Was/is the registry tattooed? When this setting was set, did you just
disable it or set it to not configured or did you change the value
from 3 to 0?
What you can do is set the value to 0 and see if this still causes
accounts to lockout.
If this does not resolve it you can utilize the following tools to
find the root.

A few reasons accounts get locked out:

1.Applications using cached credentials that are stale.
2.Stale service account passwords cached by the Service Control
Manager.
3.Stale logon credentials cached by Stored User Names and Passwords in
Control Panel.
4.Scheduled tasks and persistent drive mappings that have stale
credentials.
5.Disconnected Terminal Service sessions that use stale credentials.
6.Failure of Active Directory replication between domain controllers.
7.Users logging into two or more computers at once and changing their
password on one of them.

Any one of the above situations can trigger an account lockout
condition

Account Lockout and Management Tools
http://www.microsoft.com/downloads/d...displaylang=en

Good luck

Harj Singh
Power Your Active Directory Investment
www.specopssoft.com

Reply With Quote
Reply

  TechArena Community > Technical Support > Computer Help > Windows Server > Active Directory
Tags: , , ,



Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads for: "Event ID 1083 & 1955 and account locks"
Thread Thread Starter Forum Replies Last Post
Security Failure Audit Account Logon Event ID 675 Itsme Active Directory 1 01-06-2009 06:53 PM
NTDS Replication Event ID 1083/1955 and account lockouts Vic Active Directory 4 14-05-2009 03:20 PM
Event id 672, 675, 680 - Account getting locked out Rising Windows Security 3 26-04-2009 05:45 AM
error 1504 event id - user account locked out automatically Landon Active Directory 4 21-01-2008 06:03 PM
event ID: 1083 and 1955 ntds replication pain112 Active Directory 8 16-09-2005 03:44 AM


All times are GMT +5.5. The time now is 10:55 AM.