Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Domain account locks out on computer startup

Posted on 2008-10-22
8
Medium Priority
?
684 Views
Last Modified: 2012-06-27
Hi Experts-

I and one of my coworkers are having an issue where every morning when we come in to work and turn on our laptops, our Windows accounts are locked out. Once unlocked, the accounts stay unlocked until the computer is turned off or restarted. Once the computer comes back up, the accounts lock out again.

Let me say at the get-go that I am not in any way shape or form a domain controller, and have no access to the domain logon servers. We do have a corporate policy where 3 incorrect password attempts will lock out a user account. The web console that performs the unlocking consistently shows 3 bad password attempts from our usernames even though we haven't even logged into Windows yet. Somehow the act of starting Windows sends multiple bad passwords.

I've read as much as I can find online about this problem, and I don't believe it has anything to do with network shares or Windows services, because as I said, the lockouts occur during Windows startup before login. My coworker and I have called our company's help desk and they have exhausted all their resources as well, and the only thing we have to go on are a couple of printouts of the login failure audits (I have attached this document). These do at least show that the lockouts are coming from our own particular laptops, which not only discounts that we're logged in to other computers using old passwords, but also explains why we're both able to log in to other computers without issue.

So without having to access the domain server or look at the Event Log, is there any way to figure out what is causing this problem just for the two of us, while none of the other unit members are experiencing it?
Server-toolbox.doc
0
Comment
Question by:SeTech
  • 4
  • 3
8 Comments
 

Expert Comment

by:mjbtec
ID: 22779498
It sounds like you're trying to connect to a shared drive that's expecting a different password from what you currently use. Try changing your password from the Ctrl-Alt-Del window.
0
 

Author Comment

by:SeTech
ID: 22779558
Even before Windows logs in? There are no shared drives connected before Windows even logs in.

Also, neither my coworker nor I began experiencing this problem right after a password change. It began randomly one day with me, about 3 weeks before my next scheduled password change. 2 weeks later, my coworker started having the same problem, and he hadn't changed his password for weeks either.

Like I said, the usual culprits don't seem to match up here.
0
 
LVL 4

Expert Comment

by:Scott1201
ID: 22779622
Try removing the network cable from your laptop before you boot your laptop, and leave it unplugged until after you've logged into Windows.  Then re-connect the cable.  (This isn't intended to be a solution, just a troubleshooting step.)  If the account doesn't lock up, then maybe a Windows service is trying to start during system bootup with an incorrect stored password.
0
Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

 

Author Comment

by:SeTech
ID: 22779675
2 things -
- First off, that's actually what my coworker does to be able to get into the web console that we use to unlock ourselves...my method is just use a spare laptop to access it. So basically, you're spot-on, it doesn't lock us up until our computers are on our company's private network. If we use our laptops from home and log into Windows first, then into the VPN client, we don't get locked out at all.
- Secondly, I had read about Windows Services running under a user name and hadn't really been sure of that, but since you suggest that, I'll be perfectly willing to go along with that idea. So how can I really tell definitively what Windows Services are running at Startup, and under what usernames, so that I can really try and nail this problem down?
0
 
LVL 4

Accepted Solution

by:
Scott1201 earned 2000 total points
ID: 22779798
If you open Control Panel - Administrative Tools - Services you should see a column for "Startup Type" and one for "Log On As".  Anything with "Startup Type" set to Automatic will try to load at system boot.  Check all of the services to see if any are set to log on as a user account.  Most will be Local System, Network Service, or Local Service.

If that doesn't work, you can use Start - Run, msconfig and check the Startup tab.  These are programs that run as you're starting the machine, some will probably be running before you actually log in.  It's feasible to try unchecking a few of these items, then go through the normal steps to see if the lockup happens.  Alternately, if you want to post a list of the startup items, we can try to choose likely culprits to uncheck.
0
 

Author Closing Comment

by:SeTech
ID: 31508879
Wonderful! This has been plaguing us for almost a year!!!
0
 

Author Comment

by:SeTech
ID: 22779891
WONDERFUL! Turns out some SQL Server 2005 services were set to Auto and had an old password associated! I disabled them, rebooted, and no lock! Thank you SO MUCH!
0
 
LVL 4

Expert Comment

by:Scott1201
ID: 22779974
Setting those services to "manual" and/or correcting the password should fix the problem also, without having to disable the SQL Server functionality.  Glad that worked!
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When replacing some switches recently I started playing with the idea of having admins authenticate with their domain accounts instead of having local users on all switches all over the place. Since I allready had an w2k8R2 NPS running for my acc…
For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question