Solved

microsoft authentication package v1.0 locking out user

Posted on 2013-01-20
5
17,586 Views
1 Endorsement
Last Modified: 2013-01-21
I have a user running a Mac and his account is getting locked out constantly. He claims that nothing is using old credentials and that he deleted his keypass. however, every couple days we get this in the domain controllers:

Logon attempt by:      MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
 Logon account:      <user name>
 Source Workstation:      \\workstation
 Error Code:      0xC000006A


Normally i would look at the source workstation area as it would tell me an IP address or valid computername. however, \\workstation never shows on our DNS or DHCP logs. and the microsoft authentication package v1.0 seems to be very generic from the searching i've done.

ive been using eventcoombt.exe and lockottstatus.exe to try and troubleshoot but i dont know where else to look. can install anything on this users mac or the DC's to get more detail or anything?
1
Comment
Question by:msidnam
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 23

Expert Comment

by:Ayman Bakr
ID: 38799686
Is the user using a wireless device (smartphone, ipad, laptop) to connect to a service (exchange, internet) using his AD credentials?

If that is so, then this would most probably be the culprit, because if the user changes his password on his workstation, he has to do the same on every  wireless device connected. Otherwise the wireless devices would persist on attempting to login with the old credentials, hence locking his account constantly.
0
 
LVL 2

Author Comment

by:msidnam
ID: 38799797
We checked his devices and they are all changed. Also I've noticed that if its an iPad, or a smart
0
 
LVL 2

Author Comment

by:msidnam
ID: 38799798
Phone the source workstation would indicate the IP of our exchange server. Which in this case it isn't.
0
 
LVL 23

Accepted Solution

by:
Ayman Bakr earned 500 total points
ID: 38799870
Check this thread for the various tracing suggestions that you can utilize in your case in order to pinpoint the root cause for the issue:

http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/1c7e66a4-6a81-4118-89df-2e290852c3cc/
0
 
LVL 2

Author Closing Comment

by:msidnam
ID: 38801139
Lots of good links. Thank you. The user told me today that he found manual entries in his fstab file. Even though this is something i mentioned to him earlier.
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question