Today my boss panic when there is a web account being locked out.
As usual, I am being tasked to investigate. Looking at the event viewer, there is a failed security audit event that states the IIS anonymous account is being locked out. It turns out that one of the virtual directories are using this anonymous web account.
So this account is locked out and the users are unable to access the folder.
So I remote desktop into the server and uncheck the lockout option in the IIS anonymous user under the server's users. Windows administration looks easy as 123, amazing.
However, during the afternoon, there is another event that this account is being lockout again.
Microsoft has a tool that can help check why accounts are being lockout on the server whether it is a hacking attempt or something else.
See this link: http://www.microsoft.com/downloads/details.aspx?FamilyId=7AF2E69C-91F3-4E63-8629-B999ADDE0B9E&displaylang=en