Accountant
asked on
LAN Credentials repeatedly lock out
LAN Credentials repeatedly lock out
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Another culprit could be windows' saved passwords. In XP, Control Panel / User Accounts / Advanced / Manage Passwords.
But first you gotta figure out which machine. Using EventCombMT, search all your DCs' security logs for failure audits containing event 680. Put the user name that keeps getting locked out in the "Text:" field. After the search, look in the resulting txt files (start with the largest one) for error 0xC000006A; there should be a number of them corresponding to your domain's lockout policy. Each one of those lines will list a workstation; that will be the one that is sending the wrong password and locking out the account. The other lines listing error code 0xC0000234 are where machines/users tried to access the account after it was locked out.