Monday, April 22, 2019

windows 7 - Admin Account Keeps Getting Locked Out


Ever since I changed the admin password on my work domain, the admin account keeps getting locked out in the morning when users start logging on to their computers. I am not sure why a user logging on to their PC would try to use the admin account, but I keep getting Event 675 with failure code 0x18. After a few of these failed logons, the account is locked out. The User ID in the error is the domain admin and the Client Address is the IP address of a user's computer.


After everyone is logged on in the morning, the admin account no longer gets locked out--it only happens during the time everyone logs in. I have not seen a pattern as to specific computers causing the lockout (so I do not suspect an attempted security breach).


Any idea on why this is happening and how I may fix it?


Answer



It sounds like a service or a mapped drive is using the admin account with the old password. The error log should show the IP or name of the computer that has the issue.


No comments:

Post a Comment

hard drive - Leaving bad sectors in unformatted partition?

Laptop was acting really weird, and copy and seek times were really slow, so I decided to scan the hard drive surface. I have a couple hundr...