Does anyone know if there is a way that you can monitor for when an AD account is locked out? I looked at the AD probes, but nothing jumped out at me.
I am not sure if you checked the event logs already, but if not you may want to look there for messages about locked out accounts.
Sorry I could not give more specific info.
Maybe ntevl on ad server and check security log for event id 539. believe requires windows auditing to be turned on539 - Logon failure. The account was locked out at the time the logon attempt was made.From: http://technet.microsoft.com/en-us/library/cc776964(WS.10).aspx
Retrieving data ...