Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 locks Windows 2003 Active Directory account - 0xC0000234

Posted on 2008-11-13
4
Medium Priority
?
32,478 Views
Last Modified: 2012-05-05
After resetting a user password through user manager, the account consistently gets locked every few seconds.  

Environment: Windows 2003 SP2 (two active directory servers)

Troubleshooting steps:
Unlock Account...
Reset PW
Removed from all groups   User was a domain admin (by design)
Turned off all users workstations
Turned on enhanced AD logging and get the Event ID: 680
Checked for errant network shares
Disabled/Re-enabled the account - When account is disabled MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 still attempts and gets a failure audit
Full Virus and Spyware scan
AD sync is working as expected
Checked all backup services and windows services for account in use
Checked services on and rebooted all domain and application servers
With domain controller 1 off, secondary got plagued with the same error.

I can re-enable the account and with Event Log or AccountLockout Status watch the failed attempts get chewed up.  I have been combing Microsoft and the rest of the web.  Any thoughts or suggestions would be appreciated.

Errors in Event Viewer (every few seconds over the past 48 hours)
Event Type:      Failure Audit
Event Source:      Security
Event Category:      Account Logon
Event ID:      680
Date:            11/13/2008
Time:            8:48:45 AM
User:            NT AUTHORITY\SYSTEM
Computer:      AD1 (Active Directory)
Description:
Logon attempt by:      MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
 Logon account:      jsmith
 Source Workstation:      
 Error Code:      0xC0000234


Event Type:      Failure Audit
Event Source:      Security
Event Category:      Account Logon
Event ID:      680
Date:            11/13/2008
Time:            9:18:13 AM
User:            NT AUTHORITY\SYSTEM
Computer:      AD1 (Active Directory)
Description:
Logon attempt by:      MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
 Logon account:      jsmith
 Source Workstation:      
 Error Code:      0xC0000234
0
Comment
Question by:PMRS
3 Comments
 
LVL 23

Expert Comment

by:Jeremy Weisinger
ID: 22957296
The error code 0xC0000234 is just telling you that the user is locked out. Can you unlock the account and then look for an event with a different error code?


You might want to check the services and scheduled tasks to see if any are using that user to authenticate. If so, update the credentials.
1
 

Author Comment

by:PMRS
ID: 22959647
Thanks for the feedback.  The issue has been resolved.  
After 1.5 days of mind-numbing troubleshooting, I traced the issue back to a SQL 2005 instance.  Although the users credentials were not visibly in use on any of the databases, or services on this server& the server was running a HP Proliant monitoring tool.    Removing this tool and the associated database (and reloading) resolved the issue.  Users password has changed multiple times since, without issue.
0
 

Accepted Solution

by:
ee_auto earned 0 total points
ID: 24670932
Question PAQ'd, 250 points refunded, and stored in the solution database.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question