by Klaus Graefensteiner
2. July 2010 03:55
Damn it. I am locked out again. When I try to log on to the domain I get an error telling me that my account is locked out again. If this happens right after you changed your password, the culprit is most likely a service that is still using your old password, or the Windows key store presenting your old password when accessing network resources.
The first thing you can do is ask your network administrator to tell you which computer initiated the lockout. This is half the game. Next, look into your Windows password key store to see whether any credentials are stored there. This is especially important on machines that are not joined to the domain but are trying to access network resources using a domain account. Finally, find the processes that are running under the locked-out account.
Here are a few PowerShell commands that will help you troubleshoot the account lockout:
#List the processes and the machines for the domain user called "ThePoorDudeThatGotLockedOut"
Get-WmiObject Win32_Process -ComputerName ("easy1","easy2", "notsoeasy3" ) | Where-Object{$_.GetOwner().User -eq "ThePoorDudeThatGotLockedOut"} | Select-Object -Property ("csname", "name")
#List active network connections
netstat -a
#Open "Stored Usernames and passwords" wizard
rundll32.exe keymgr.dll, KRShowKeyMgr
The last command opens the “Stored Usernames and passwords” wizard on Windows 7. My case was solved by deleting the first entry from the list that I used to access a network share. It stored the old password. Alternatively you could edit it and change the password as well.
Figure 1: Windows 7 Stored User Names and Password Wizard
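The two causes named at the top, a service still configured with the old password and a stale entry in the key store, can also be checked from the console. The following is an added example, not code from the original post: the function names are hypothetical, the account and computer names are the placeholders used above, `Get-CimInstance` assumes PowerShell 3 or later with WinRM reachable on the remote machines, and the parser assumes the English output of `cmdkey /list`.

```powershell
$Account   = 'ThePoorDudeThatGotLockedOut'     # placeholder names, as in the commands above
$Computers = 'easy1', 'easy2', 'notsoeasy3'

function Get-ServiceByLogonAccount {
    # Services whose configured logon account (StartName) contains the user name.
    param([string[]]$ComputerName, [string]$User)
    foreach ($c in $ComputerName) {
        try {
            Get-CimInstance -ClassName Win32_Service -ComputerName $c -Filter "StartName LIKE '%$User%'" -ErrorAction Stop |
                Select-Object PSComputerName, Name, StartName, State
        } catch {
            Write-Warning "Could not query ${c}: $($_.Exception.Message)"
        }
    }
}

function ConvertFrom-CmdKeyList {
    # Turns the text printed by `cmdkey /list` into objects (English labels assumed).
    param([Parameter(ValueFromPipeline = $true)][string]$Line)
    begin { $entry = $null }
    process {
        if ($Line -match '^\s*Target:\s*(.+)$') {
            if ($entry) { [pscustomobject]$entry }      # emit the previous entry
            $entry = [ordered]@{ Target = $Matches[1].Trim(); Type = $null; User = $null }
        } elseif ($entry -and $Line -match '^\s*(Type|User):\s*(.+)$') {
            $entry[$Matches[1]] = $Matches[2].Trim()
        }
    }
    end { if ($entry) { [pscustomobject]$entry } }
}

# Constructed sample of `cmdkey /list` output, so the parser runs offline.
$sample = @'
Currently stored credentials:

    Target: Domain:target=fileserver01
    Type: Domain Password
    User: CONTOSO\ThePoorDudeThatGotLockedOut

    Target: LegacyGeneric:target=git:https://example.invalid
    Type: Generic
    User: someoneelse
'@ -split "`r?`n"

# Stored credentials that still belong to the locked-out account.
$sample | ConvertFrom-CmdKeyList | Where-Object { $_.User -like "*$Account" }
# On a live system:
# cmdkey /list | ConvertFrom-CmdKeyList | Where-Object { $_.User -like "*$Account" }
# Get-ServiceByLogonAccount -ComputerName $Computers -User $Account
```

Any entry or service this returns still carries the pre-change password and needs to be updated or removed before the account is unlocked again.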
Next time it won’t take this long to fix the account lockout mystery. Let’s hope!