Table of Contents
- Introduction
- System Requirements
- Assign Service Logon As Credentials
- Server Configuration
- Agent-Based Monitoring
- Data Providers
- Directory Services
- Audit Work Items
- Hosts
- Templates
- Template Properties
- Batch Update Templates
- Log Management Templates
- File and Directory Monitor Templates
- Windows Monitor Templates
- Account Lockout Monitor Template
- Logon Monitor Template
- CPU Monitor Template
- Memory Monitor Template
- Disk Space Monitor Template
- SMART Monitor Template
- Process Monitor Template
- Service Monitor Template
- Performance Counter Monitor Template
- PowerShell Script Template
- Registry Value Monitor Template
- Active Directory User Monitor Template
- Active Directory User Integrity Monitor Template
- Task Scheduler Template
- Clock Synchronization Template
- Defragment NTFS Disks Template
- Network and Application Monitor Templates
- Database Monitor Template
- Directory Service Monitor Template
- DNS Blacklist Monitor Template
- DNS Monitor Template
- Domain Expiration Monitor Template
- Network Speed Monitor Template
- Ping Monitor Template
- SQL Server Shrink and Backup Template
- SSH Shell
- TCP Port Scan Monitor Template
- Website Monitor Template
- SSL Certificate Monitor Templates
- Email Monitor Templates
- SNMP Monitor Templates
- Monitors
- Reports
- Auto-Configurators
- Filters
- Actions
- Schedules
- Environment Variables
- Options
- Account Lockout Monitoring and Reporting
- SNMP
- SSH Shell
- Exporting and Importing Configuration Objects
- Shared Views
- Auto-Config Host Assignment Properties
- General Executable Properties
- Assign Actions
- Assign Directories
- Assign Disks
- Assign Shares
- Assign Files
- Assign Consolidated Logs
- Assign Event Logs
- Assign Active Directory Audit Logs
- Target Files and Sub-Directories
- Define Log Entry Columns
- Define Log Entry Columns with Regular Expressions
- Define CSV and W3C Log Entry Columns
- Active Directory User and Group Filters
- Explicitly Assigned Logs
- File Explorer
- Report Columns
- Report Date/Time Ranges
- Report Security Event Log Filters
- Select Folder or File
- Command Line Interface
- Troubleshooting
- Terminology
Account Lockout Reports
Sever Manager includes two different account lockout reports.
| Type | Description |
|---|---|
| Security Event Log Account Lockout Report | Scan multiple Domain Controller Security Event logs for domain account lockout history and/or scan multiple stand-alone server Security Event logs for non-domain local account lockout history. |
| Account Lockout Report (Active Directory/WMI) | Scan multiple domains for currently locked out domain accounts and, optionally, scan multiple stand-alone servers for currently locked out non-domain local accounts. |
Security Event Log Account Lockout Report
Server Manager includes a sample report that scans the Security Event Logs in the Log Database for lockout history.
 |
Event Log Consolidation must be enabled for each target domain controller and stand-alone server. |
- From the Explorer View, navigate to Reports | Sample Reports | Event Logs | Security Reports | Account Lockout, right click on Account Lockout Report then select Properties. The Properties View displays.
- The Properties View contains 7 configuration tabs.
The Options Tab
- Use the Show currently locked out accounts option to show all accounts that are currently locked out without any prior history.
-
Use the Show lockout history option to include the number of times an account has been locked and manually unlocked.
Windows only logs unlock events when an Administrator manually unlocks an account. Windows does not log each time an account automatically unlocks.
Account Lockout Report (Active Directory/WMI)
Server Manager includes a sample report that scans Active Directory and stand-alone servers for locked out accounts.
- From the Explorer View, navigate to Reports | Sample Reports | Event Logs | Security Reports | Account Lockout, right click on Account Lockout Report (Active Directory/WMI) then select Properties. The Properties View displays.
- The Properties View contains 4 configuration tabs.
The Options Tab
- Use the Scan Active Directory for locked out domain accounts check box to scan Active Directory then use the Directory Service drop-down to select the domain to monitor.
- Use the Scan assigned machines for locked out local accounts check box to scan stand-alone servers for locked out non-domain local accounts.
Host Assignment
-
Use the Assignments View to assign each target host and host group.
Only assign stand-alone servers to this report if you are generating a report of non-domain account lockouts. Do not assign any hosts if you are only monitoring domain accounts.