I had a 2003 domain with 2 DC one 2003 termin server one 2003 exchange standard another 2003 member server and two 2008 member server, I install two new 2008 server and run dcpromo (did all thw AD prep) and tranfered all roles from the 2003 DC to the 2008 DC
and removed one of the 2003 DC and I also remove dns from the 2003 dc and just have it the two 2008 DC. i then install a 2008 enterprze server with exchange 2010 enterprize, i still have the 2003 exchange with a few users on it. I now have users being locked out, I have remote user being locked out when connecting to 2003 terminal server. some user keep having the problem a few times aday and other have the problem every now and then, the users that are locked out are on window xp sp3, I have a few windows 7 computers and these user have no problem.
I have no events about lock outs, I have a password policy but got rid of it and two week later still havethe problem.
I have used Alockstatus tool and when I check a locked ouy user it will show my 3 DC and show bad for each server and it will allso show that user password policy that I had but I molonger have it.