Report on locked user accounts

In a best case scenario, an unauthorized user attempting to log in with an authorized user's account results in a locked user account. Using AD Logga, you can identify the computer that initiated the attack.

Create the report

1. Log in to the Access Rights Manager application.

2. Click Start in the toolbar.

3. Under Security Monitoring, click AD Logga Report.

   

4. Configure the report settings.

   

5. In the Title and Comment fields, enter a title and comment for the report.

6. In the Objects, Event Type, Event Author, and Object Class boxes, define the report range.

   For the event type, select Account locked.

7. Click the Settings drop-down menu and define the desired settings.

8. Click Start to generate the report.

See the following sections for more information.

• Analyze AD Logga events with the logbook

• Set alerts for groups

• Set alerts for user accounts