I have a windows 2000 domain running in native mode with only win2k servers. a PDC and a BDC are in place both with SP4. the domain is a .local with direct inernet access through a cisco 2610 running NAT. Everyday I must unlock all of my user accounts in the AD users and computers plugin. Can you tell me of any known issues that would cause this to happen. I am not seeing any failures in the event log to indicate that my user accounts are being hit by a password attack. This has become a very big problem. This happens every day and sometimes several times a day. I have also experienced a day or two during this problem cycle that the lockout did not occur. Any insight would be very appreciated.