When an Active Directory account locks out often, the credentials are probably saved on a computer somewhere in the environment. This post is about how to trace the machine name, so you can update or delete those credentials and solve the lockouts.
First download Account Lockout and Management Tools from Microsoft.
Start LockoutStatus.exe, File –> Select Target, give in the username who has locked out issues.
LockoutStatus enumerates the domain controllers:
Right click the DC where the user was locked out, and Open Event Viewer:
Filter on: Event source (security), Category (Account Management), User (NT Authority\System) and Time (get it from LockoutStatus.exe).
.. and you got the computer name where the account was locked out from:
You got the machine name!
Pingback: Contas bloqueando no AD | WiseInfra