Remove From My Forums

Locked Out AD Accounts

Question
0

Sign in to vote

User1504639868 posted

Can someone provide me with a Log Parser query, which would interrogate a server security.evtx file and pull out all AD accounts that are locked out, the date these accounts were locked out and from what PC (Host Name) or the Computers IP Address the lock out occured?

Thanks

Monday, June 29, 2015 7:16 AM

All replies

0

Sign in to vote

User-736483138 posted

There are utilities that can do this. Take a look at this blog post for additional information.

Saturday, July 4, 2015 10:42 AM