This tip was submitted to the SearchWin2000.com tip exchange by member Brian Anderson. Please let other users know...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
how useful it is by rating it below.
We have over 50 domain controllers in our Active Directory domain. Occasionally, we get calls from users reporting account lockouts that are happening several times a day. This problem occurs 99% of the time after a user has logged onto a computer, changed his password, and then forgotten to log off.
To find the computer that's causing the lockouts, we use Microsoft's free utility, AL.exe. This tool allows you to select a target account and determine which DC the account is being locked from. Once the lockout DC is found, the last bad password time will also be displayed. Within AL, right click on the DC open the security event log, and scroll to the time of the last bad password. This is much easier than using Event Comber on 50 domain controllers.