Most of the users account will get locked from locally desktop s and Mobile devices (If company email configured) or Idle sessions on Server / workstation.
Perform the below steps on client side (Local desktop / Laptop)
1. Check If a Local User Account is present with the same Name as AD account,
If same ID is available, Rename local ID to some other ID.
2. Clear Temporary Files
Delete Cookies / Temp Files / History / Saved passwords / Forms / from all the Browsers.
Start — > Run –> Temp –> Delete all temp files
Start –> Run –> Prefetch –> Delete all Prefetch files
3. Remove Mapped drives,
My Computer –> Right click on Shared drive –> click on Disconnect
4. If Adobe reader is installed, backend it will be trying to check for latest update, Delete the Adobe updater file from below path.
Delete the AdobeUpdater.dll file in the folder C:\Program Files\Adobe\Reader 8.0\Reader
5. Remove stored passwords from Control Panel
Start –> Run –> Type Control UserPasswords2 , Click on Advanced managed passwords and delete all the passwords
6. Remote unwanted applications from startups (Run –> msconfig –> startup –> Uncheck unwanted software’s)
7. Scan the entire HDD and update the Antivirus agent
8. Check the third party software’s installed on client side, If it’s not required, Uninstall.
9. Open the Task Scheduler (Run à Tasks) and delete the unwanted tasks. Most of the time, Automatic backup / Google Update / Apple Updates will be installed by default) Remove all.
10. Uninstall Auto update software’s in control panel (You can update these software’s manually)
11. If user’s account acts as a service account.
12. User’s account used as an IIS application pool identity.
Perform the below steps on Mobile devices / Smart phone (BYOD)
If user recently changed password and forgot to update in Mobile devices, that cause the account lockout for user ID,
Does user involved has a smartphone or some kind of mobile device using AD credentials for connecting (like exchange), if it fails to connect 3 times (depending on your GPO’s), it locks his account. Have a look on all his stuff using his user account automatically, specially his mobile (90% of the time guilty).
- Go to account settings in Mobile device and update the latest password.
- Reboot the device if required.
Perform the below steps on Server to find out source of the account lockout.
1. Use account lockout tools to find out more information,
2. Refer below article for more information
3. Track the account lockouts Using the checked Netlogon.dll