Locked Account

When a locked user account is attempting to login, the following event is generated.

Tag

Value

Severity

4

Event Name

LockedUser

Resource

UserAuthentication

SubResource

Authentication

Message

Attempt to login using locked account <acct>