AD account lock-out when use outlook under local account log on

Dear All

Happy holidays.

I have encounter this situation and need your help.

I have two end users, both use laptop and log into the compute with their own local account. Everything is fine until I configured outlook on their computer.

The account lock-out started to happen.

I set outlook do not cache the credential, so every time they launch outlook, the authentication window prompted, I ask them to use this format to login

username: domain\domianaccount
password: domianpassword

They can log in. But after a short moment, they cannot receive or send e-mail. I checked and found their account lock-out.

The reason I think this is related to outlook is because after I unlocked their account, as long as they do not log into outlook, their account is fine all day.

Our AD is win server 2003 Enterprise SP2
client laptop: win7 Enterprise and win7 enterprise SP1

So far i found one trick to solve this:

On my test machine, I made the test domain account the same as local account. and the passwords are the same.

I used both to log in and i saw two folders under "Users" folder:

abc
abc.domain.com

And I use abc to log into local computer, and user abc.domain.com to authenticated while use outlook. (passwords are the same for these 2 accounts)This way, the domain account will not be locked out.

But this is not really a solid solution and required to change user's local account to the same form as domain account. So did the password.

Please advise.

Thanks and happy holidays.

Best,
CRIITAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

pwindellCommented:
But this is not really a solid solution and required to change user's local account to the same form as domain account. So did the password.

You're chasing the wrong problem.  Outlook isn't the problem,...it is doing exactly what it would be expected to do and the results you are getting are exactly what you should get,...and "shadowing" the password with the Workgroup Name of the machine matching the Domain Name is the only way to avoid problems.

The REAL problem (that I can already tell that you will probably resist fixing) is that the machines are not Domain Members.   The machines should be Domain Members and the local accounts need to be deleted.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Applications

From novice to tech pro — start learning today.