Troubleshooting Account Lockout (Technet)
Account Lockout and Management Tools
Account Lockout Status (LockoutStatus.exe)
SCOM Alerts & Audit Collection Services
You should be able to setup an event collection on the Security event log for that lockout and a few other events so that you get an alert. Here a just a few events that you could alert on to help monitor that account. Event ID 531 : Account disabled Event ID 532 : Account expired Event ID 535 : Password expired Event ID 539 : Logon Failure: Account locked out Event ID 644 : User account Locked out
These article have a pretty good list of other security event id’s that you can alert on as well.
<p>I liked your way of presentation. The information you provided is great, Thank you for this, and hope in future you will come with more knowledgeable information.</p>
Check this and finish this problem http://farisnt.blogspot.ae/2014/02/why-ad-user-account-locked-out.html