by Damiaan Peeters
13. September 2010 14:54
Today i had some issues with a locked account.
I downloaded the account lockout tools from Microsoft Download Center.
It includes several tools…
Additional Account Information
There is a very interesting tool called “additional account info”. It gives more information about a user’s password.
Here you have a screenshot.
To see the “Additional Account Info” tab, register the AcctInfo.DLL. on the pc where you are using the MMC “Active Directory Users and Computers” snap-in. (you might need to install the Administrative tools on your client pc if you don’t want to install the plug-in on your server)
Register the DLL
Use the following command :
regsvr32 %systemroot%\system32\acctinfo.dll
(change the path appropriately)
eventcombMT.exe
This is a pretty cool application. It goes searching through all event logs of the Domain Servers.
Use the Menu Searches – Built-in Searches. It saves you lot’s of time. You will see that the servers, event id’s and types are automatically set. The tool is not blasting fast, but it gathers all information from the selected servers and dumps it into text files.
Make sure you have the right permissions to do search the event logs on those servers.
LockoutStatus.exe
To see the current “bad password count” status on all the domain controllers, launch the tool, choose File – Select Target. Enter the right username, and you will see on which domain controller the bad password attempts have occurred.