Malicious or Innocent: How to Investigate Account Lockouts in the Active Directory Environment

Webinar Registration

In this packed real training for free ™ session I'll be doing “bounce” dives on 2 very technical areas of Windows that have big security risks, take up a lot of admin/support time and cause lost user productivity:

  1. Account lockouts
  2. Securing service accounts

Account Lockouts

A strict account lockout policy is the main defense against online brute force attacks and the weaker your passwords, the stricter your lockout policy needs to be. But the stricter you make your policy the more often a legitimate user locks out their account accidentally. And then there are the inevitable and difficult to track down cases of stale credentials due to all kinds of reasons:

  • Drive mappings
  • Abandoned logon session
    • Local
    • Remote desktop
  • Scheduled tasks
  • Services
  • Mobile devices
  • VPN connections

There's plenty of other reasons but in this webinar I’ll show you how to track down the source of these account lockouts using the Windows security log and other resources.

Service Accounts

Service and application accounts are a common source of risk findings when I perform security audits of Windows/AD environments. Over and over again I find accounts with stale passwords. Accounts that I can demonstrate haven't had their password changed even though one or more administrators have left or gotten job changes. IT departments are loath to change passwords on these accounts out of fear that something will break.

I will show you how to systematically identify every system where these accounts are being used with the Windows Security Log and also show you a free tool from our sponsor, ManageEngine, that searches out every service on every computer on your network to compile a list of all service accounts and where they are used. Bharathwajan from ManageEngine will also show you how ADAudit+ automates the laborious drudgery of diagnosing account lockouts.

First Name:  
Last Name:  
Work Email:  
Phone:
Organization:
Servers & Workstations:
 

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor.

 

 

Upcoming Webinars
    Additional Resources