Below is the procedure I used to follow to find out the such frequent AD lockout issues,If you have enough privilege you can check all the details below mentioned from LockoutStatus.exe itself.If you don't have enough privilege you may need to login to the AD server to continue troubleshooting
1.Download and Install Account Lockout Status (LockoutStatus.exe) from here
After Installation default location of LockoutStatus will be here - C:\Program Files (x86)\Windows Resource Kits\Tools
On the File menu, click Select target.
Type the AD username of the user you want to find AD lockout and Enter your domain name then click OK
Then you can see the list of all AD servers in your domain and many other details Including the bad password counts etc.In that list there was a tab called Orig Lock.Below that tab you can see the AD server were user is getting lockout
2.Login to that AD server and go to event viewer (From Start > Type "Event viewer")
3.In event viewer go to Windows logs > Security
4.Right click on "security" and select "Filter current logs"
5.In place of <All Event ID> type 4740 and Click OK [Event ID 4740 - A user account was locked out]
6.You can see the list of user lock out happened in that AD server ,Search for the recent event to find out the the server/Desktop where the users account is getting continuously locking out.Double click on the recent event ID and there will be a pop-up window which will show a message like below
In above case account lockout of USER shabeer was happening in FILESERVER
7.Log into that server/Desktop where account lockout is happening(here its FILESERVER)and go to task manager >users tab and see if there was a disconnect session from the user who is getting locked out.If there is a disconnect session from user,Logout user from that machine (Sometimes user will just disconnect a RDP session to that server without proper log off and this may cause account lockout issue)
8. In Most cases issue will be resolved by this.If there is no session of the user.Check the server for any application running it which is using AD credentials.If you found any such applications logout user from it.
9.You can also remove the previous password cache which may be used by some applications and therefore cause the account lockout problem by below steps
1. Click Start, click Run, type “control userpasswords2″ (without the quotation marks), and then click OK.
2. Click the Advanced tab.
3. Click the “Manage Password” button.
4. Check to see if these domain account’s passwords are cached. If so, remove them.
5. Check if the problem has been resolved now.