Active Directory Service Account status Monitoring for locked

Document ID : KB000129553
Last Modified Date : 15/03/2019
Show Technical Document Details
Question:
Is there any direct probe | way to monitor the status of AD service account for locked status?
Environment:
UIM 8.51
Answer:
We do not have a dedicated probe for monitoring AD account lockouts. However, you may install a robot on a domain controller and then use the "ntevl" probe to monitor the security event log for account lock outs and alarm as needed. please do be careful and test this in your lab. On extremely busy domain controllers enabling monitoring of the security event log may cause impact on the domain controller.