unable to login because your account has been lock out. Using AD Server.

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Puevan

Thread Starter
Joined
Feb 16, 2013
Messages
3
Hi Guys,

I'm facing a big problem at my work place. Currently we have 300Pc in the office and 500 Pc in Production area. On 16/1/2013 we have been actack by virus (download.ad, trojen, etc).
I have using Trend Micro 10.0 ver and I found that I need to update the ver. to 10.6. So, I have updated the whole company with the latest version. Than I have managed to solve the virus issue.

Now starting from 1/2/2013, I'm facing a new problem which I have no Idea on it and have no solution for it.(unable to login because your account has been lock out, Please contact your administrator).

I'm Using AD server (domain Server), Every Morning I have to stand by for Unlock account using the ad server
example. user name (right click )>Propeties>account(on tab)>Unlock Accounk check box>Apply >ok.

Than User can Login.

A day I have to do around 200 user.

Is there any solution for this, please share with me and teach me.

I will be happy if there is anyone could help me.

Puevan,
 

kanaitpro

Account Closed
Joined
Feb 13, 2013
Messages
493
are you running server 2003, 2008, or 2012? it sounds like the infection may either still be there or has done some damage to your active directory. i had an infection on one of my servers that required a reload of the server and a rebuild of everything. i was down for 3 days, so be careful and make sure you have time to do this without impacting the users (holiday weekend maybe). what i would suggest is to back up your ad (export the the users to a .csv file), and clear all the users and reload them. IF THIS IS A PRODUCTION SERVER, MAKE SURE YOU HAVE 3 COPIES OF THE INFO. be very careful, you could mess up and hose everything. THE SAFEST WAY TO DO THIS IS TO USE A BACKUP SERVER, you don't want to crash your main server. you may need to use dcpromo to unistall the ad/dns and reinstall it. ONCE AGAIN, I STRESS THE IMPORTANCE OF USING A BACKUP SERVER AND MULTIPLE COPIES OF YOUR DATA. if you need a copy of a batch file to reload the users, i can post one here as a text file and you just change the extension to .bat.
 
Joined
Apr 16, 2012
Messages
165
had a friend with a similar problem.
asked him and he linked me to this post.

Might be worth a shot?.

Microsoft Support found the problem for us. Our domain accounts were locking when a Windows 7 computer was started. The Windows 7 computer had a hidden old password from the domain account.
There are passwords that can be stored in the SYSTEM context that can't be seen in the normal Credential Manager view.
Download PsExec.exe from http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx and copy it to C:\Windows\System32 .
From a command prompt run: psexec -i -s -d cmd.exe
From the new DOS window run: rundll32 keymgr.dll,KRShowKeyMgr
Remove any items that appear in the list of Stored User Names and Passwords. Restart the computer.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top