How to get local account lockout status over network?

[jarkeld11]

Hi,

Here is my situation: I have a set of Windows servers and
workstations, not in a AD domain by design. Of course, they can all
see each other on my network. From my workstation, I want to be able
to quickly and remotely determine whether a user's account on any of
these machines is locked or not. Is this possible, and if so, by what
means?

I am aware of the LockoutStatus.exe utility which queries domain
controllers to see whether an account is locked out or not. However,
this utility will of course only work by contacting domain controllers.
I want to be able to use this functionality on my non-AD domain, to
see whether local user accounts on XP/2000/2003 machines are locked
out.

I read something about Hyena, but am not sure if this is the utility I
am looking for.

Thanks for any that can be provided.

Brian Masuda

 

[Guest]

If you can set up auditing and figure out exactly which event id and source
is recorded in the event logs when someone is locked out, then I think you
can use the health monitor to notify you in real time of the account lockout
events being recorded.

 

[Colin Nash [MVP]]

Hi,

Here is my situation: I have a set of Windows servers and
workstations, not in a AD domain by design. Of course, they can all
see each other on my network. From my workstation, I want to be able
to quickly and remotely determine whether a user's account on any of
these machines is locked or not. Is this possible, and if so, by what
means?

I am aware of the LockoutStatus.exe utility which queries domain
controllers to see whether an account is locked out or not. However,
this utility will of course only work by contacting domain controllers.
I want to be able to use this functionality on my non-AD domain, to
see whether local user accounts on XP/2000/2003 machines are locked
out.

I read something about Hyena, but am not sure if this is the utility I
am looking for.

Thanks for any that can be provided.

Brian Masuda

Run compmgmt.msc, right click on Computer Management (Local) and connect to
another computer. You can access Local Users and Groups there.

You can also make yourself your own customized mmc console that shows you
the local users and groups for all your servers.

See
http://www.microsoft.com/windows2000/techinfo/planning/management/mmcsteps.asp
(applies to XP too)

 

[Steven L Umbach]

Hyena is not free but SomarSoft is kind enough to offer a free tool called
Dumpsec that should do what you want. It can create a report with usernames
and account lockout status. --- Steve

http://www.somarsoft.com/ --- SomarSoft