Determining where an access violation occurred question?....

  • Thread starter Thread starter Paul Stephenson
  • Start date Start date
P

Paul Stephenson

Today we had to reset a password on an account that is used for a Windows
2003 service. I opened up the Services MMC on all machines that had this
username, and I also changed all IIS 6 Websites that were using this
username/password for anonymous access.

the problem is that we obviously missed a place b/c the account gets locked
out after a couple hours.

We have success/failure auditing turned on for this user, but we have not
been able to find any failures that would help indicate where the problem
was occurring. I have looked on both domain controllers to see if it would
have been reported there, but I was not able to find any failure events in
the security logs for this user. I have also looked at the Security Event
Viewer on all DC's and IIS 6 machines using this user for anon web access.
Also, I checked the security log of the machines that this user has specific
permissions to access folders, but once again no problems there?

Does anyone have any idea on what I could try next?

I appreciate any help that you can give?

Paul Stephenson
 
I would think an account gets locked out because a password was entered incorrectly. Can you change that policy and see if it still occurs?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Back
Top