• Partners
    • Become a partner
    • Channel partners
    • MSP Partners
    • Technology partners
    • Register opportunity
  • Documentation
  • Blog
  • Careers
  • Contact Us
  • Search
  • English
    • English English
    • Deutsche Deutsche
    • Espanol Espanol
    • Français Français
    • Portuguese Portuguese
    • 中文 中文
    • 한국어 한국어
    • 日本語 日本語
eG Innovations Logo eG Innovations LogoeG Innovations Logo
  • Products
    • Product Overview
    • How It Works
    • Monitoring as SaaS
    • Supported Technologies
    • Why eG Enterprise?
    • What's New
    • All Features
    • Application Performance Management
      Application Performance Management
    • Digital Workspace Tools
      Digital Workspace Tools
    • Hybrid Cloud Monitoring
      Hybrid Cloud Monitoring
    • End User Experience Monitoring
      End User Experience Monitoring
    • IT Infrastructure Monitoring
      IT Infrastructure Monitoring
    • Enterprise Application Monitoring
      Enterprise Application Monitoring
  • Solutions
    Full Stack Observability

    Single Console for Applications & Infrastructure.

    eG Enterprise is an end-to-end IT performance monitoring solution that supports over 500+ different technologies.

    It consolidates your disparate, siloed monitoring tools into a single pane of glass to get you to the root-cause of performance problems quicker.

    Role-based access control means everyone on the team can monitor their area of responsibility and create customized dashboards unique to their requirements.

    When problems arise, eG Enterprise has already mapped your interdependencies and automatically correlates application and infrastructure performance to pin-point the root-cause.

    Full stack APM
    End-to-End Monitoring for Digital WorkSpaces

    Deliver the ultimate end-user experience by proactively addressing virtual application and desktop performance issues before your employees notice.

    • Citrix Monitoring

    • Citrix Cloud Monitoring

    • Omnissa Horizon Monitoring
    • alibiba cloud

      Windows 365 Cloud PCs

    • AVD Monitoring

    • Amazon WorkSpaces Monitoring

    • Amazon AppStream Monitoring

    • Microsoft RDS Monitoring

    • VDI Monitoring
    • nerdio logo

      Nerdio Integration
    • Dizzion Frame Monitoring logo

      Dizzion Frame Monitoring
    Endpoint Monitoring
    • Physical Desktop Monitoring logo

      Physical Desktop Monitoring
    • Microsoft Intune Monitoring logo

      Microsoft Intune Monitoring

    • IGEL Monitoring
    • Dell Wyse Device Monitoring logo

      Dell Wyse Device Monitoring
    Trace User Accesses End-to-End Optimize Application Performance

    Deliver high performance applications that are deployed on the cloud, on-premises or in hybrid, multi-cloud environments.

    • Java APM

    • .NET Monitoring

    • PHP APM

    • Node.js APM
    Single Pane of Glass for All Public Cloud Services

    Consolidate your public cloud monitoring into a single dashboard and correlate the root-cause of problems even for hybrid or multi-cloud deployments.

    • AWS Monitoring

    • Azure Monitoring
    • alibiba cloud

      Alibaba Monitoring
    • Google Cloud Platform

      Google Cloud Platform (GCP) Monitoring
    Full Stack Observability for Containerized Environments

    Full visibility into orchestration, worker nodes, containers, application running on them and the underlying infrastructure.

    • Red Hat OpenShift

      Red Hat OpenShift Monitoring

    • Kubernetes Monitoring

    • Docker Monitoring

    • Podman Monitoring

    • VMware Tanzu Monitoring

    • Rancher Monitoring

    • Amazon EKS Monitoring

    • Microsoft AKS Monitoring
    Get 360° Visibilty of Virtual Machine Performance Virtual Machine Visibility

    Unified console for monitoring virtual platforms which analyzes virtualization performance within the context of the business services that it supports.

    • VMware ESX Monitoring

    • Hyper-V Monitoring

    • Nutanix AHV Monitoring

    • RHEV Monitoring

    • Solaris LDoms Monitoring

    • Oracle VM Monitoring

    • Citrix Hypervisor Monitoring
    High Performance Web Server Monitoring

    Track performance and usage by web sites and transactions, error URLs, traffic, queues, slow requests and more in a single console.

    • Microsoft IIS Monitoring

    • Apache Monitoring

    • Nginx Monitoring
    Full Stack Visibility into Web Application Server Performance

    Monitor all aspects of application server performance: JVM, web containers, application transactions and more.

    • Tomcat Monitoring

    • WebLogic Monitoring

    • WebSphere Monitoring

    • JBoss Monitoring

    • SAP NetWeaver AS Monitoring

    • JEUS Monitoring

    • Jetty Monitoring
    Unified and Integrated Server Monitoring

    Track all key performance indicators of server performance from a central web console and get proactive alerts.

    • Windows Server Monitoring

    • Linux Server Monitoring

    • Solaris Server monitoring

    • HP-UX Server Monitoring

    • IBM AIX Server Monitoring

    • Server Hardware Monitoring
    In-Depth Database Performance Monitoring and Insights

    Get visibility into all aspects of database performance - workload, configuration, memory buffers, I/O operations, queries, and deadlocks.

    • SQL Server Monitoring

    • Oracle Database Monitoring

    • MySQL Monitoring

    • Sybase Monitoring

    • MongoDB Monitoring

    • MariaDB Monitoring

    • PostgreSQL Monitoring

    • SAP HANA Monitoring

    • IBM DB2 Monitoring

    • Azure SQL Monitoring
    • Snowflake Logo

      Snowflake Monitoring
    • redis logo

      Redis Monitoring
    • amazon aurora

      Aurora Database Monitoring

    • DynamoDB Monitoring
    Insights into Every Layer, Every Tier of your IT Infrastructure

    Monitor network, server, storage, cloud, containers and more. AIOps-powered insights make monitoring and diagnosis easy.

    • Active Directory Monitoring

    • Azure AD Monitoring

    • Network Monitoring

    • Storage Monitoring

    • Citrix ADC Monitoring
    Middleware Monitoring
    • message queue

      Message Queue Monitoring
    • kafka logo

      Apache Kafka Monitoring
    • kafka logo

      Mosquitto MQTT Monitoring
    • activemq logo

      Apache ActiveMQ Monitoring
    Customized Monitoring of Enterprise Applications and SaaS

    Get in-depth insights and proactively monitor and troubleshoot a wide spectrum of enterprise applications and SaaS services.

    • Office 365 Monitoring

    • SharePoint Monitoring

    • Microsoft Exchange Monitoring

    • SAP Monitoring

    • PeopleSoft Monitoring

    • AllScripts Monitoring

    • Moodle Monitoring

    • Cerner Monitoring
    Vendor-specific Monitoring Solutions

    • Microsoft Monitoring

    • Red Hat Monitoring
    Industry Solutions

    eG Innovations offers specialized IT performance monitoring for a range of industries to help IT teams deliver what their businesses expect of them.

    • Healthcare

    • Education

    • Government

    • Banking & Finance

    • Credit Unions

    • Manufacturing

    • Retail

    • MSPs
  • Solutions
    • By Technology
      Digital Workspace Tools
      Citrix Monitoring Citrix Cloud Monitoring Omnissa Horizon Monitoring Windows 365 Cloud PCs AVD Monitoring Amazon WorkSpaces Monitoring Amazon AppStream Monitoring Microsoft RDS Monitoring VDI Monitoring Nerdio Integration Dizzion Frame Monitoring
      Endpoint Monitoring
      Physical Desktop Monitoring Microsoft Intune Monitoring IGEL Monitoring Dell Wyse Device Monitoring
      Application Monitoring
      Java APM .NET Monitoring PHP APM Node.js APM
      Cloud Monitoring
      AWS Monitoring Azure Monitoring Alibaba Monitoring Google Cloud Platform (GCP) Monitoring
      Container Monitoring
      Red Hat OpenShift Monitoring Kubernetes Monitoring Docker Monitoring Podman Monitoring VMware Tanzu Monitoring Rancher Monitoring Amazon EKS Monitoring Microsoft AKS Monitoring
      Virtualization Monitoring
      VMware ESX Monitoring Hyper-V Monitoring Nutanix AHV Monitoring RHEV Monitoring Solaris LDoms Monitoring Oracle VM Monitoring Citrix Hypervisor Monitoring
      Web Server Monitoring
      Microsoft IIS Monitoring Apache Monitoring Nginx Monitoring
      App Server Monitoring
      Tomcat Monitoring WebLogic Monitoring WebSphere Monitoring JBoss Monitoring SAP NetWeaver AS Monitoring JEUS Monitoring Jetty Monitoring
      Database Monitoring
      SQL Server Monitoring Oracle Database Monitoring MySQL Monitoring Sybase Monitoring MongoDB Monitoring MariaDB Monitoring PostgreSQL Monitoring SAP HANA Monitoring IBM DB2 Monitoring Azure SQL Monitoring Snowflake Monitoring Redis Monitoring Aurora Database Monitoring DynamoDB Monitoring
      SaaS/Enterprise Monitoring
      Office 365 Monitoring SharePoint Monitoring Microsoft Exchange Monitoring SAP Monitoring PeopleSoft Monitoring AllScripts Monitoring Moodle Monitoring Cerner Monitoring
      Infrastructure Monitoring
      Active Directory Monitoring Azure AD Monitoring Network Monitoring Storage Monitoring Citrix ADC Monitoring
      Server Monitoring
      Windows Server Monitoring Linux Server Monitoring Solaris Server Monitoring HP-UX Server Monitoring IBM AIX Server Monitoring Server Hardware Monitoring
      Middleware Monitoring
      Message Queue Monitoring Apache Kafka Monitoring Mosquitto MQTT Monitoring Apache ActiveMQ Monitoring
    • By Vendor
      Microsoft Monitoring Red Hat Monitoring
    • By Industry
      Healthcare Education Government Banking/Finance Credit Unions Retail Manufacturing MSPs
  • Pricing
  • Resources
    Solution Briefs Case Studies White Papers Expert Reviews E-Books Webinars Demos Videos Infographics Glossary
  • About
    About Us Customers Product Support Press Releases Events Awards
  • Partners
    Become a Partner Channel Partners MSP Partners Technology Partners Register Opportunity
  • Documentation
  • Blog
  • Careers
  • Contact Us
  • Free Trial
Free Trial Toggle Menu
  • Blog
  • Detecting and Alerting Account Lockouts
    in Active Directory Servers

Detecting and Alerting Account Lockouts
in Active Directory Servers

Arun Srinivas
Arun Srinivas
Published on: July 17, 2014
Last updated on: August 23, 2022

IN THIS BLOG POST

  • What are Active Directory Servers?
  • Lockouts of User Accounts in Active Directory
  • Active Directory Accounts can be locked in Numerous Ways
  • Troubleshooting Active Directory Account Lockouts with eG Enterprise
  • Why use eG Enterprise for Monitoring Account Lockouts

What are Active Directory Servers?

Active Directory (AD) servers are not often seen as one of the most critical applications in an infrastructure, simply because they often work well. However, if a problem happens in the AD system, it will leave behind a lot of unhappy users. A number of routine tasks you perform in your enterprise network rely on AD. When you log into your desktop, you are authenticated by AD. The scripts that execute when you login are controlled by AD. The files you access can be authenticated by AD. Hence, a blip in your AD servers can severely impact the user experience. Therefore, the Active Directory servers need to be monitored carefully and continuously.

Lockouts of User Accounts in Active Directory

One of the common problems that AD administrators have to deal with is lockouts of user accounts. AD servers often have an account lockout policy set. When a user logs in multiple times and does not enter the right credentials, the account is locked out as a precaution against a brute force. Often an AD administrator has to manually unlock the account.

Account lockout example

In many cases, account lockouts can happen because of user mistakes (e.g., a user forgetting his/her password, or not typing the password correctly). However, the most frustrating cases of account lockouts are the ones when a user entered the right credentials, yet the account was locked out. In such situations, Active Directory administrators often struggle to figure out what is going on.

Active Directory Accounts can be locked in Numerous Ways

There are many situations in which an account can be locked out without the user knowing:

  • Sometimes certain Windows services and scheduled tasks can be configured to run with the privileges of a specific user account. When that account’s credential is changed, an administrator must manually make the changes in the Windows services and scheduled tasks configuration as well. If this is not done the corresponding Windows services and scheduled tasks will fail to execute, and they will also cause incorrect logins to happen.
  • Persistent file shares on a system may be configured with user credentials. If these credentials are not updated, they can result in incorrect logins.
  • Many a times, programs authenticate using Active Directory. For instance, a Citrix XenApp server is configured to use a specific user account when accessing its backend datastore. If the credentials of this account are modified, every time the Citrix server contacts its datastore, an invalid login will be registered in Active Directory.
  • Many organizations implement Active Directory in a redundant configuration. If replication across Active Directory servers is not working correctly, one of the AD servers could have the old credentials for a user account. When the user logs in, this can result in a login failure.
  • Users these days access their systems from multiple devices. Password information is stored in each of these devices. When a user changes his password, all of the devices have to be updated with the new password. If the changes are not done correctly on all the devices, invalid logins will occur.

Troubleshooting Active Directory Account Lockouts with eG Enterprise

While many organizations proactively monitor their critical applications – web servers, databases, middleware servers, etc., Active Directory monitoring is often done re-actively, after users complain. As I mentioned earlier, Active Directory issues are often very disruptive. The longer the diagnosis takes, the greater the loss in user productivity.

Most organizations adopt a manual, time-consuming process for handling user lockouts. There are a number of detailed tools available for diagnosis of such problems. Often, such diagnosis has to be done by the experts. If a malicious attack happens on the Active Directory system, many a time, the operations team becomes aware of an account lockout issue only after it is too late.

eG Enterprise provides an automatic and simple way to monitor account lockouts in Active Directory. The AD monitoring system detects the accounts that are currently locked out. It can also be configured to detect and report on any new account lockout events.  Alerts will be triggered to administrators as soon as an account lockout is detected. Critically, the alerts are detailed enough, providing administrators with information as to why the lockout happened –which device did the user connect from and which domain did he/she log into. Administrators can also get detailed reports on accounts locked during a specified period.

Account lockout details are important to problem resolution

In addition to alerting administrators and providing a detailed report on user lockout events, eG Enterprise also monitors other aspects of Active Directory performance. For instance, in the above example, the AD monitoring system detected replication failures between AD servers that were causing the account lockouts.

Replication errors can also cause lockouts.

Why use eG Enterprise for Monitoring Account Lockouts

Microsoft provides tools that administrators can use to detect and manage Active Directory account lockouts. The table below summarizes how eG Enterprise can simplify account lockout detection and alerting:

Feature
eG Enterprise
Microsoft Tools
Automatically detects account lockouts as soon as they occur tick delete No, tools have to be run manually for detecting account lockouts
Proactively alerts administrators about account lockouts via email/SMS, before users complains tick delete Administrators are not proactively alerted because of which administrators become aware of an account lockout issue only after it is too late.
Automatically find the source of account lockouts – Windows services and scheduled tasks using wrong credentials, Replication failure and a particular Active Directory server having wrong credentials, etc. tick delete No, manual routine investigation configuring for each specific situation must be performed.
Monitor multiple domains and domain controller at the same time tick delete No, must connect to each domain controller manually.

Comprehensive monitoring and diagnosis of Active Directory servers provides several benefits. Given how critical Active Directory is to the functioning of any IT infrastructure, proactive monitoring is a must. With the right Active Directory monitoring capabilities in place, administrators can detect and fix problems quickly – often well before users notice and complain. This greatly improves user productivity and satisfaction.

 

 

eG Enterprise is an Observability solution for Modern IT. Monitor digital workspaces,
web applications, SaaS services, cloud and containers from a single pane of glass.

Free Trial  See the platform

Related Blogs

How to Monitor PowerShell Activity and Detect PowerShell Exploitation Vulnerabilities
eG Enterprise

How to monitor PowerShell activity and detect PowerShell exploitation vulnerabilities
Babu Sundaram
by Babu Sundaram
May 13, 2025
End-to-End IT Observability voor Ziekenhuizen
End-to-End Monitoring (E2E)

End-to-end it observability voor ziekenhuizen
Barry Schiffer
by Barry Schiffer
February 18, 2025
What is Shadow IT? Will AI make this more challenging?
Application Performance Monitoring (APM)

What is Shadow IT? will AI make this more challenging?
Mike Ferioli
by Mike Ferioli
September 25, 2023
Discover, Diagnose, and Resolve IT Performance
Issues with Full Stack Observability
Get Started

PRODUCT

How It Works Key Features SaaS Deployment Supported Technologies Pricing Benefits Why choose eG New! eG Enterprise v7 Application Performance Management Digital Workspace Tools Hybrid Cloud Monitoring IT Infrastructure Monitoring End User Experience Monitoring

Solutions

Citrix Monitoring Omnissa Horizon Monitoring Azure Virtual Desktop Monitoring AWS Workspaces Monitoring AWS Cloud Monitoring Azure Monitoring Java Application Monitoring .NET Monitoring SAP Monitoring VMware Hypervisor Monitoring Network Monitoring

Resources

Demos Webinars White Papers Case Studies Expert Reviews Alternatives Media Kit Glossary

Company

About Us Customers Partners Support Documentation Press Releases Awards Careers Blog Events Contact Us>

eG Innovations, Inc.,
33 Wood Ave. South, Suite 600, Iselin,
NJ 08830, USA Phone: +1 (866) 526 6700

eG Innovations B.V.,
WTC, Den Haag, Prinses Margrietplantsoen 33,
2595 AM Den Haag,
The Netherlands Phone: +31 (0)70-2055210

  •

© 2025 eG Innovations. All rights reserved.

Privacy Policy  |  Terms of Use