Specific AD account locked out at random intervals
Posted on 2012-04-05
Windows 2003 Domain
Blackberry 4.x server
I have one user account in Active Directory that is used for our Blackberry Enterprise Server services. For whatever reason, at random intervals this account becomes locked out. It can lock out two days in a row at different times and then be fine for 3 weeks and lock out again.
To investigate this issue I have used the Account Lockout tools provided by Microsoft as well as some 30 day trial apps but unable to find the consistent source of this lockout. Looking at the security logs from the tools I'm using it is a few different computers but not one that says, "Hey, it's me!!!
Everything has been scoured and tweaked for this problem but still no luck: AD replication, old scheduled tasks, services that have the old password, passwords in old profiles..... nothing. I changed the password to conform to our password complexity policy even though it is set not to expire and updated all services and credentials for these services. Still nothing has changed.
Any help I can get would be deeply appreciated as I'm out of ideas of what else to try.