Thin Client / Term Server Environment unexpected lockouts

I've got this odd issue going on at a client.
This happens to both internal users, and people using the VPN, or coming in via the internet.
I'm unsure, at the moment, if the RD Gateway is playing a role in the problem.

We've got group policies in place to have disconnects after idle timeout of 15 min.
The problem we're seeing is that if a session times out, and disconnects, the users AD account is ending up locked out sometimes.
Of course this requires a period of time or manual unlock to fix.

I've reviewed GP's and see nothing that should be causing this behavior.
I'm thinking that this has to be in how the sessions are disconnecting, and, as stated above, have not ruled out the RD Gateway.

Who is Participating?
SandeshdubeyConnect With a Mentor Senior Server EngineerCommented:
Sometimes the network trace will the most helpful piece to figure out where the lockout is coming from.

You can also set the debug flag on NetLogon to track authentication.  "This creates a text file on the PDC that can be examined to determine which clients are generating the bad password attempts."
Enabling debug logging for the Net Logon service

Using the checked Netlogon.dll to track account lockouts

Troubleshooting account lockout the Microsoft PSS way:
ITnavigatorsAuthor Commented:
Good info for me here. Helped me out, and learned something new!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.