I've tried setting up Netwrix Account Lockout Examiner within my infrastructure.
The ALE is running on Windows 2012 (VM) and the DCs are minimum of 2008 with the domain at 2008. I followed the documentation (Quick Start and Administrators Guide).
To restrict unnecessary permissions, I used the service account method as per the KB https://www.netwrix.com/kb/1396 using Group Policy to deploy the firewall and DCOM permissions.
Within the console, all of the DCs are showing as 'Connection and Audit Status: 'Access Is Denied''.
From the DC, using the firewall logs, I can see that the ALE server is hitting the DC but I can't work out whether the access denied is a network issue or an issue with the permissions.
Using event viewer and the service account, I can connect to the DC and look at the logs.
Is anyone able to offer any insight?