We are in the process of upgrading our laptops/desktops to Windows Vista and I have now installed the first Vista laptop (name COMP-PC1). This laptop has an admin account and a roaming profile for my domain account (COMPDOM\myaccount).
Whenever a VPN connection is made from that laptop to our network (using aXsGuard VPN), my domain account gets locked out. I enabled netlogon logging as suggested in many solutions to this problem, and I am 100% sure that it is this one Vista laptop that is causing the problem.
This is what I get in netlogon.log:
07/10 11:40:05 [LOGON] COMPDOM: SamLogon: Network logon of COMP-PC1\myaccount from COMP-PC1 Entered
07/10 11:40:05 [LOGON] COMPDOM: NlPickDomainWithAccount: COMP-PC1\myaccount: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
07/10 11:40:05 [LOGON] COMPDOM: SamLogon: Network logon of COMP-PC1\myaccount from COMP-PC1 Returns 0xC000006A
The strange thing is that the user account is COMP-PC1\myaccount, which does not exist as an account on the laptop. This account "myaccount" is an AD user account in domain COMP.
So I am 100% sure that the vista laptop is causing the problem, but how do I proceed to find which software is sending the wrong user account/password?
This laptop was installed using the admin account, and I am 99,99% sure that no services use myaccount. After all setup was done, I logged in with myaccount to get the roaming profile. This logon process maps some network drives using the account that logs in (these drive mappings are not persistent), but I don't think this should be the cause of the problem, as this lockout happens when logged in as admin on the laptop (and user myaccount is not logged in at that moment).