Issue:
System administrators dread account lockouts, and they happen a lot with Active Directory (AD). The majority of AD account lockouts are caused by one of two ways. Either the user has forgotten their password or they have changed their password on a new device but not on an older device.
Environment:
AD Account Lockouts.
Cause:
1. Mapped Drives Using Old Credentials
To connect to a shared resource, mapped drives can be set to use user-specified passwords. The user can then change the password without having to update the credentials in the mapped drive. It’s likely that the credentials will expire, resulting in account lockouts.
2. Systems Using Old Cached Credentials
Some users log on to multiple computers at the same time. These additional computers may have apps that use old, cached credentials, resulting in accounts being locked.
3. Applications Using Old Credentials
Several apps on the user’s PC may either cache or explicitly define the user’s credentials in their setup. The account will be locked if the user’s credentials have expired and have not been changed in the applications when updated.
4. Windows Services Using Expired Credentials
User-specified accounts can be used with Windows services. These ‘user-specified accounts‘ credentials may expire, and Windows services may continue to use the old, expired credentials, resulting in account lockouts.
5. Scheduled Tasks
Whether the user is logged in or not, the Windows task scheduler requires credentials to run a task. User-specified credentials, which can include domain credentials, can be used to generate various tasks. These credentials given by the user may expire, and Windows processes will continue to use the previous credentials, resulting in a lockout.
All these problems are generally caused by expired credentials. They can be resolved by following these steps.
Resolution:
- Step 1: Go to Start > Control Panel > User Accounts > Credential Manager.
- Step 2: Click on the Windows Credentials option.
- Step 3: Look for the set of passwords that has either Outlook or Microsoft Office in its name. Proceed to expand the corresponding folder.
- Step 4: Then click Remove from Vault
Conclusion:
Anakage CoBot can fix the issue “Account Locked Frequently” in minutes, unlike the traditional manual support which can run into hours and even days. Anakage Cobots can be run from the Self Service Portal or the Desktop Application (Agent) installed at the end point.
There is much more you can automate, check our website for more details. Click here to see a video on Offline Cobot, which is an agent at the end point that can troubleshoot without providing admin access to the users.
Would you want your users to self-resolve such issues?
Please fill up this form, let us connect and walk you through IT Help Desk Automation use cases.
Read More:
HOW TO MANAGE ENVIRONMENT VARIABLES IN WINDOWS?
HOW TO SETUP TIME ZONE IN WINDOWS?
HOW TO REPAIR CORRUPTED WINZIP FILE?
HOW TO RESOLVE BROKEN IMAGES IN EMAIL BODY ?
HOW ACCOUNT LOCKOUTS FOR VARIOUS CREDENTIALS CAN BE RESOLVED
0 Comments