We had a situation recently that has raised some questions. We have a spam filter that uses ldap to query for real accounts before allowing email in. A service account is used for the ldap query.
That password got changed/expired/something happened to it last night so all email was being blocked. When I looked at the account in AD the account was not locked out and the password was set not to expire. I re entered the password and tested LDAP with no issues.
Now here is my question, can you think of any way to setup monitoring using IP monitor to test if a certain account and password is working.