Summary
This article explains how to identify and resolve repeated Active Directory account lockouts that continue after a password reset. In many cases, the lockout is caused by a saved password on a previously connected device, most commonly a smartphone using the GC-Internal WiFi network.
Who This Article Is For
IT Service Desk and End User Services staff.
Symptoms
A Gwinnett County employee’s Active Directory account continues to lock throughout the day even after the password has already been reset.
Cause
This issue often occurs after a password reset when one of the user’s devices or applications is still attempting to sign in with the old password. A common cause is a saved credential on a County-issued smartphone that is connected to the GC-Internal WiFi network.
Resolution Steps
Step 1: Review lockout details in ADAudit Plus
-
Log in to ADAudit Plus using your standard credentials.
-
Select the search icon.
-
Enter the user’s username and press Enter.
-
Review the results. If \\GCNETISEPSN06 appears in the Caller Machine Name field, the invalid credentials are likely being submitted through a wireless connection.
Step 2: Remove and reconnect the saved wireless connection
If the user has a smartphone that previously connected to the GC-Internal WiFi network, have them forget that wireless network and reconnect using the new password.
If the issue continues, repeat the same process on any County laptop or other device the user may have recently signed in to.
If the account lockout still continues, the cause may be another application or saved credential on one of those devices.
Next Steps if Issue Persists
If these steps do not resolve the issue, continue troubleshooting for other saved credentials, mapped resources, or applications that may still be using the old password. Contact the IT Service Desk if additional assistance is needed.
Need Help?
For additional help with account lockout issues, contact the IT Service Desk at 770.822.8915.