User account locked out without explanation

We're running a W2K3 Active Directory environment.  We have a problem with
user's AD accounts getting locked out unexpectedly.  An examination of the
domain controller security event logs shows nothing like any bad password
attempts leading up to the lockout.  We did find a series of LSASRV events in
the local PC System log, Event IDs 40961, and 40961, and in the Application
log there were two USERENV events, IDs 1006 and 1030, coinciding exactly with
the time the accounts get locked out.  Google and Bing searches were not
fruitful.  I would appreciate any suggestions on where to look for
information that would shed light on what relation, if any, these events have
on the account getting locked out.

Hello Brad,Start with account lockout tools and also check for conficker, see

Hello Brad,

Start with account lockout tools and also check for conficker, see the following
articles:
http://technet.microsoft.com/en-us/library/cc738772(WS.10).aspx

http://www.microsoft.com/downloads/details.aspx?familyid=7AF2E69C-91F3-4E63-8629-B999ADDE0B9E&displaylang=en

http://support.microsoft.com/kb/109626

http://www.pbbergs.com/windows/articles/UserAccountLockoutTroubleshooting.html

http://support.microsoft.com/kb/962007

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Brad wrote on 01/25/2010 10:23 ET :This topic is too old, but I just wanted to

Brad wrote on 01/25/2010 10:23 ET :
This topic is too old, but I just wanted to share a helpful tool if any one
has
the same problem reads this thread in future..

Lockout fixer is a free tool which lets you to quickly determine from where
the
invalid credentials are coming.. You can download lockout fixer here:
http://lockoutfixer.cz.cc/