MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 locks Windows 2003 Active Directory account - 0xC0000234

After resetting a user password through user manager, the account consistently gets locked every few seconds.  

Environment: Windows 2003 SP2 (two active directory servers)

Troubleshooting steps:
Unlock Account...
Reset PW
Removed from all groups   User was a domain admin (by design)
Turned off all users workstations
Turned on enhanced AD logging and get the Event ID: 680
Checked for errant network shares
Disabled/Re-enabled the account - When account is disabled MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 still attempts and gets a failure audit
Full Virus and Spyware scan
AD sync is working as expected
Checked all backup services and windows services for account in use
Checked services on and rebooted all domain and application servers
With domain controller 1 off, secondary got plagued with the same error.

I can re-enable the account and with Event Log or AccountLockout Status watch the failed attempts get chewed up.  I have been combing Microsoft and the rest of the web.  Any thoughts or suggestions would be appreciated.

Errors in Event Viewer (every few seconds over the past 48 hours)
Event Type:      Failure Audit
Event Source:      Security
Event Category:      Account Logon
Event ID:      680
Date:            11/13/2008
Time:            8:48:45 AM
User:            NT AUTHORITY\SYSTEM
Computer:      AD1 (Active Directory)
Description:
Logon attempt by:      MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
 Logon account:      jsmith
 Source Workstation:      
 Error Code:      0xC0000234


Event Type:      Failure Audit
Event Source:      Security
Event Category:      Account Logon
Event ID:      680
Date:            11/13/2008
Time:            9:18:13 AM
User:            NT AUTHORITY\SYSTEM
Computer:      AD1 (Active Directory)
Description:
Logon attempt by:      MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
 Logon account:      jsmith
 Source Workstation:      
 Error Code:      0xC0000234
PMRSAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jeremy WeisingerSenior Network Consultant / EngineerCommented:
The error code 0xC0000234 is just telling you that the user is locked out. Can you unlock the account and then look for an event with a different error code?


You might want to check the services and scheduled tasks to see if any are using that user to authenticate. If so, update the credentials.
1
PMRSAuthor Commented:
Thanks for the feedback.  The issue has been resolved.  
After 1.5 days of mind-numbing troubleshooting, I traced the issue back to a SQL 2005 instance.  Although the users credentials were not visibly in use on any of the databases, or services on this server& the server was running a HP Proliant monitoring tool.    Removing this tool and the associated database (and reloading) resolved the issue.  Users password has changed multiple times since, without issue.
0
ee_autoCommented:
Question PAQ'd, 250 points refunded, and stored in the solution database.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.