Active Directory Account Keeps Locking Out: Best Way to Track the Source

An Active Directory account that keeps locking out is quite a common issue in the Active Directory service. It can cause a lot of inconvenience in looking up and managing your devices. Moreover, you might have to spend quite a lot of time re-enabling the locked-out account. So, you might want to act quickly if you want to fix this issue all by yourself.

You must find out the source of the first account lockouts on your Active Directory. The information below should help you with the popular query: “Active Directory account keeps locking out: the best way to track the source”. Also, keep reading for some simple troubleshooting steps for this issue.

5 Steps to Track the Source of the Active Directory Account Lockout

Do you have the details of the account that has been locked out? Then, you can proceed with finding the source right away. But, if you do not know the locked out account, you need to find it first. 

And, here is the simplest way to do that, and then find the source of the problem: 

Find the Domain Controller with PDC Role

The first step you must take is to find the DC that holds the PDC emulator role. The PDC emulator plays a crucial role in handling time synchronization. The domain controller (DC) is the server computer responsible for allowing the host access to domain resources. It responds to any security authentication requests.

You can use the PowerShell command line to find the domain controller with this role. Open the program and enter “(Get-ADDomain).PDCEmulator”. Then, check the name of the DC with the PDC role from the result.

Check for the Event ID 4740 on the DC

The domain controller with the PDC role should contain the account lockout error in its log. The lockout is recorded as Event ID 4740. You can find it by opening Windows Logs in Event Viewer through the Start menu. Right-click on Security and open Filter Current Log. You should find all the recent errors in this section.

Apply Filters 

The Filter Current Log allows you to use filters for finding the information you are looking for. You can find the account lockout source quite easily by using the right filters. Select the time range within which the issue occurred to find it more easily. You can also enter the event ID code, in this case, “4740”. 

Apart from that, you can also select a user and computer to narrow down the report further. Click on OK for applying the filter you have selected. This will bring up the reports that match the filter. 

Find the Account Lockout Event

If you have applied the right filters, you should see the account lockout event among the results. Click on it and open the Actions panel for this report. Then, click on Find to look up the user account that was locked out on the server. After that, you can also find the cause of the repeated Active Directory account lockouts.

Open the Event Report

Now that you know which account has been locked out, you also need to know the device involved. To do that, open the General tab of the event report. You can find many other details there apart from the device’s name. Check the name given next to Caller Computer Name in the event report. This is the computer where the lockout originated.
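
The five steps above can also be scripted. The following is an added example, not part of the original article: it reads the locked-out account and the Caller Computer Name from Event ID 4740 records and counts lockouts per source. The function names, account names and host names are hypothetical, and the sample events are constructed.

```powershell
# Added example (not from the original article); sample data is constructed.
# Pull the account and caller computer out of one Event ID 4740 record.
function ConvertFrom-LockoutEventXml {
    param([Parameter(Mandatory)][string]$Xml)
    $evt    = ([xml]$Xml).Event
    $fields = @{}
    foreach ($d in $evt.EventData.Data) {
        $fields[$d.GetAttribute('Name')] = $d.InnerText
    }
    [pscustomobject]@{
        TimeCreated    = $evt.System.TimeCreated.GetAttribute('SystemTime')
        Account        = $fields['TargetUserName']
        # In 4740 this field is what Event Viewer shows as "Caller Computer Name"
        CallerComputer = $fields['TargetDomainName']
    }
}

# Count lockouts per account and caller computer, most frequent first.
function Get-LockoutSummary {
    param([Parameter(Mandatory)][string[]]$EventXml)
    $EventXml | ForEach-Object { ConvertFrom-LockoutEventXml -Xml $_ } |
        Group-Object Account, CallerComputer |
        Sort-Object Count -Descending |
        Select-Object Count, Name
}

# Constructed sample events (hypothetical account and host names).
$template = '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">' +
    '<System><EventID>4740</EventID><TimeCreated SystemTime="{0}" /></System>' +
    '<EventData><Data Name="TargetUserName">{1}</Data>' +
    '<Data Name="TargetDomainName">{2}</Data></EventData></Event>'
$sample = @(
    $template -f '2024-01-15T09:12:44Z', 'jdoe',   'WKSTN-014'
    $template -f '2024-01-15T09:43:10Z', 'jdoe',   'WKSTN-014'
    $template -f '2024-01-15T10:02:31Z', 'asmith', 'MAIL-GW01'
)
Get-LockoutSummary -EventXml $sample

# Live use from a host with the ActiveDirectory module, run as an account
# allowed to read the Security log on the PDC emulator:
#   $pdc  = (Get-ADDomain).PDCEmulator
#   $live = Get-WinEvent -ComputerName $pdc -FilterHashtable @{
#       LogName = 'Security'; Id = 4740; StartTime = (Get-Date).AddHours(-24)
#   } | ForEach-Object { $_.ToXml() }
#   Get-LockoutSummary -EventXml $live
```

A caller computer that appears repeatedly for the same account is the first place to look for a stale stored password, mapped drive or service.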

How to Troubleshoot Repeated Account Lockouts in Active Directory?

The aforementioned steps only help you detect the source of the repeated Active Directory account lockouts. So, you need to apply the appropriate solutions to the issue now. Here are the best methods to resolve frequent Active Directory account lockouts:

Change the Active Directory User Account Names

One or more usernames in the server might match your AD account. As a result, the accounts with similar names might face frequent lockouts. Changing the username of your AD account might fix the issue over the long term. You can do that by going to Active Directory Users and Computers. 

Open the Employees Organisational Unit and right-click the username you want to change. Then, click on the Rename option and enter the new name. Continue using the Active Directory once you are done and check whether the problem persists.

Clear Your Temporary Files

Your PC might have quite a large volume of temporary files that can often get corrupted. As a result, you might face a wide range of problems with your device. And, the Active Directory account lockouts are one of the issues they can cause. 

So, you must consider clearing temporary files from your device. There are various ways you can proceed with that. 

Go to Windows Settings on your device and open the System section. Click on Storage and select ‘This PC’ to view your storage information. Open the Temporary Files options and opt for removing them. You can also perform this task through the Disk Cleanup program. 

Bring up Disk Cleanup using the Start menu search bar, and check the box next to ‘Temporary files’. Click on OK to delete them from your device.

Remove Stored Passwords

You can also fix the frequent AD account lockouts by clearing all the passwords stored on your PC, especially if you have stored a large volume of passwords. You can take this step by going to the Control Panel using the Start menu search bar.

Open the Windows Credentials Manager and opt for removing the stored passwords. You can then store the passwords on your device again if you want to. 

Other Solutions to AD Account Frequent Lockouts

You can try some more solutions to fix the repeated account lockouts apart from the aforementioned ones. These include clearing the log and prefetch files from your device. You can also try disconnecting any mapped drives from your PC. If that does not work, removing some unwanted third-party apps might also help.