spccu

asked on

User frequently locked out of active directory for no apparent reason

We just converted to Active Directory and are NEW to Microsoft (formerly NetWare).
We have one user who is frequently getting locked (every 5 minutes or so).
Please, does someone have ANY idea where to find the cause?

Thank you in advance
ASKER CERTIFIED SOLUTION
twinvega

This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Alan Hardisty
It may be down to a drive mapping passing the incorrect credentials or some software passing the password regularly.
Are there any drives mapped?  If so - delete all drive mappings and see if the problems go away.  If the problem goes away, remap the drive through DOS using the following syntax:
net use x: \\server\share /user:domain\username password /persistent:yes (change the relevant parts - server - share - domain - username - password)
Is there any software running when the lockouts occur?  If so, close them down one at a time until the problem goes away.  The last one closed will be causing the problems.
This is just an idea but I've seen mysterious lockout issues such as this regarding Outlook and Exchange. I don't know if you use Outlook in your environment, but your zones list Exchange so I'm assuming you do. Make sure your PC CMOS clock is set properly and make sure the Windows clock is in sync with the domain controller. What I believe might be happening is as Outlook passes the authentication credentials to the domain controller they are getting rejected, because of a time sync issue thus locking the user out, because of too many failed attempts.
I experienced this issue once and the culprit was malware sitting on the user's workstation that was trying to automate logging into the Domain Controller.
I removed the malware using security software and the issue was finally resolved.
I suggest that you try to keep your Windows patch levels (at least critical patches) up to date to prevent such issues.
spccu

ASKER

I have enabled "Audit account logon events" for failed events.  Below are the most common failed events:
Event Id 4776
Error Code - 0xc000006a and 0xc0000234
Computer - Exchange Server
User = User that is constantly locked out.
Also seeing
Event Id 4769
Computer - Domain Controller
Service - KRBTGT
Service ID - Null SID
Ticket Options:   0x60810010
Failure Code:      0xe
I'm not sure if the second event is related to the first event or not - however when one is logged the other is logged as well so it seems as if they are related in some way.  Any ideas?  Thanks for the responses.
Event Id 4776
0xc000006a - Indicates incorrect password being used
0xc0000234 - Means user is locked out

Event Id 4769
0xe - Means KDC has no support for encryption type

Sounds like the workstation the user is using is trying to default to an encryption type not supported by Windows and thus the DC is locking the user out. Look for any NetWare Client software that may exist on that workstation and uninstall it.
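How the failed 4776 events posted above can be narrowed to the machine sending the bad password, as an added example that is not part of the original thread. It assumes the events were exported as XML under an `<Events>` root; the user and host names in the sample are constructed.

```python
import xml.etree.ElementTree as ET
from collections import Counter

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
BAD_PASSWORD, LOCKED_OUT = 0xC000006A, 0xC0000234  # codes explained in the thread
STATUS = {BAD_PASSWORD: "bad password", LOCKED_OUT: "account locked out"}

def make_event(user, workstation, status):
    """Build one constructed 4776 event in Windows event XML form."""
    return ('<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">'
            "<System><EventID>4776</EventID></System><EventData>"
            f'<Data Name="TargetUserName">{user}</Data>'
            f'<Data Name="Workstation">{workstation}</Data>'
            f'<Data Name="Status">{status}</Data></EventData></Event>')

# Constructed sample data (hypothetical accounts and hosts).
ROWS = ([("jdoe", "MOBILE-GW01", "0xc000006a")] * 4
        + [("jdoe", "ws-jdoe", "0xc000006a")]
        + [("jdoe", "MOBILE-GW01", "0xc0000234")] * 2
        + [("asmith", "WS-ASMITH", "0xc000006a"), ("jdoe", "ws-jdoe", "0x0")])
SAMPLE = "<Events>" + "".join(make_event(*r) for r in ROWS) + "</Events>"

def parse_failures(xml_text):
    """Yield (user, workstation, status) for every failed 4776 validation."""
    for ev in ET.fromstring(xml_text).iterfind("e:Event", NS):
        if ev.findtext("e:System/e:EventID", namespaces=NS) != "4776":
            continue
        data = {d.get("Name"): (d.text or "").strip()
                for d in ev.iterfind("e:EventData/e:Data", NS)}
        status = int(data.get("Status") or "0x0", 16)
        if status:  # 0x0 is a successful validation, not a failure
            yield (data.get("TargetUserName", "").lower(),
                   data.get("Workstation", "").upper() or "(blank)", status)

def lockout_sources(xml_text, user):
    """Rank source workstations by bad-password attempts for one account."""
    hits = Counter(ws for u, ws, s in parse_failures(xml_text)
                   if u == user.lower() and s == BAD_PASSWORD)
    return hits.most_common()

def status_counts(xml_text, user):
    """Count failures per status meaning for one account."""
    return dict(Counter(STATUS.get(s, hex(s)) for u, _, s in parse_failures(xml_text)
                        if u == user.lower()))

if __name__ == "__main__":
    print(lockout_sources(SAMPLE, "jdoe"))
    print(status_counts(SAMPLE, "jdoe"))
```

Only the bad-password (0xc000006a) events are ranked, because the 0xc0000234 events are logged after the account is already locked and say nothing about which machine caused it.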
spccu

ASKER

Using the audit account logon feature and the Account Lockout Tools we were able to determine the machine causing the account lockout.  From there we determined that a service was attempting to connect to the Exchange server - this service is no longer needed - once we disabled the service the specific user account is no longer being locked out.
great work tracking it down!!
What was the actual cause for the lock out?
spccu

ASKER

The service in question was being used as a middle man between our GroupWise mail server and mobile devices to send/receive mail, and initially it was set up to work with Exchange following our conversion.  We are now using the ActiveSync service built into Exchange to synch up the mobile devices and did not turn off the service for the user who was having the problem.  So this service was attempting to connect to the Exchange server with the old password for this user, and our password policy was locking the account after the specified number of attempts had been reached.   I appreciate all the responses - we were spinning our wheels for several days on this one.