Blog
Projects
About
Backtrack:
Blog
›
Troubleshooting AD account loc…
Comments
Troubleshooting AD account lockouts with NETLOGON logging
posted on September 12th 2017, at 09:47
by
lunarg
Occasionally, you may encounter AD account lockouts and the reason for the lockout is not always apparent. Enabling NETLOGON logging on your domain controllers may help in this regard. The NETLOGON log file will provide a detailed logging of all NETLOGON events and helps you to trace the originating device on which the logon attempts (and subsequent lockout) occurs.
To enable NETLOGON logging, run the following command (from an elevated command prompt):
nltest /dbflag:0x2080ffff
The parameter is a integer value of flags, and 0x2080ffff is the highest level, showing detailed timestamps, the domain controller clients authenticate against, client site, account password expiration, and much m
...
read more
add a comment
Tags
computer
windows
software
vmware
microsoft
linux
exchange
hardware
network
news
mac
powershell
home
office365
msoffice
ad
server
sqlserver
dell
soaring
internet
esx
sbs
mssql
rds
events
terminalserver
powercli
hp
virtualization
Archive
«
‹
December 2024
›
»
Sun
Mon
Tue
Wed
Thu
Fri
Sat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
Links
-
@harkx
-
Cats & Dogs
-
Jargon-free Security Guide
Quote
«
Have you tried turning it off and on again?
»
The IT Crowd
Contact
© 2009-2024 Black Manticore – all rights reserved
code by
lunarg
, design by
SuriAmanah
, hosted at Cats&Dogs