To start using Netwrix Account Lockout Examiner, download it from Netwrix web site. Once the download completes, run the executable from your browser menu or from your Downloads folder.
To find out why an Active Directory account was locked out, perform the following steps:
- Set up the auditing as described in Planning and preparation section.
- Download the application onto a computer within the domain where lockouts happen.
- Run the application.
- Supply the name of the account that was locked out.
- Specify examiner credentials – the user account that will be used to run the examination, access domain controllers, and so on. The account must be a member of the Domain Admins group.
- Click Examine.
Once the examination completes, you will be presented with a list of reasons why the account you supplied is being locked out.
Log files of Netwrix Account Lockout Examiner can be found in the %ProgramData%\Netwrix Account Lockout Examiner\Logs folder.
|In the environments with root/child domains, you may receive the “Could not query ComputerName. Access is denied.” error.||
The account used to run Netwrix Account Lockout Examiner is not a member of the local Administrators group on the workstations in both root and child domains. Administrative rights are required to access the Security Event logs on these workstations.
|Make sure this account is included in the local Administrators group.|
|Issues encountered during examination section is shown in the examination results.||Most probably this means that Netwrix Account Lockout Examiner cannot reach some of the data sources it needs.||