Go to All Forums

User Lockout in Active Directory

I would love the Active Directory monitor to offer information on user lockouts to help identify and isolate problematic recurring lockouts.
Like (1) Reply
Replies (4)

Can you be more specific about what type of information you would need to monitor user lockouts?
Like (0) Reply

Sure. Thanks for your reply.

Recently, we have been seeing a lot of brute force attacks on external facing RDP.  We have a tool that alerts us if a user is locked out, but it doesn't give us any other info.  We also have other lockouts related to cell phones attached to email, etc.

It would be very helpful for us to be alerted if particular user is having recurring, frequent lockouts.

It would also be helpful to easily identify the source of the lockout.  What server and service is the user attempting to connect, the origination IP address of the connection attempt, etc.

Hope this helps,
Like (0) Reply

At present, we do not support monitoring of the metrics specified. However, you can use our ManageEngine AD Audit Plus for monitoring these metrics
Like (0) Reply

any progress on this to find out a specific lockout account on AD?

Like (0) Reply

Was this post helpful?