On 25/06/2002 03:40:30 AM "Lists" wrote: >We need to find out what is causing this account to get locked out and prevent >it from happening again.
Have you enabled auditing on the NT4 servers? You should at least be able to catch failed logons, then filter for that username. From memory that also includes the machine name the logon attempt came from, presuming it's an NT/2K box. Given that info it should be trivial to determine if your problem user needs an "L" prepended, or if you've got someone playing silly buggers. Given a machine name it should also be reasonably easy to track down the physical location of anyone malicious, presuming they're not loggin in remotely. If they are you should be able to enlist the aid of your local law enforcement - AFAIK in most countries attempting to break into computers is an offense. HTH, Dave -- Dave Hughes [EMAIL PROTECTED] Nothing screams poor workmanship more than wrinkles in the duct tape.
