• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 296
  • Last Modified:

Changed Domain Administrator Password, now getting Audit Failures 2008R2

I changed a Domain Administrator's Password 2 weeks ago and it keeps getting locked out.  We are getting Kerberos pre-authentication failed every couple of minutes. Event ID 4771 and then it locks out the account.

We have check all services running on all servers (even shut down our spiceworks server) and the problem does not go away.

We use DFSR.

I can't find anyway to tell where the login attempts are occurring from.

Any help would be greatly appreciated.
  • 3
1 Solution
Patrick BogersDatacenter platform engineer LindowsCommented:
In security event log you should see where the request is coming from.
Can be a share to the DC, can be back-up software, can be SCOM client etcetera.

Please tell me more if above does not help
BFanguyAuthor Commented:
I spent some time this weekend and this is what I am speculating.

Most of our workstations were at some time or another logged into by our old domain admin account (MyAdmin).

We have changed MyAdmin's password on the domain, now it looks like the domain controllers are doing a pass on all workstations for pre authentication of stored credentials and it is seeing all of these old passwords and failing.  After ~ 100 pre authentication fails it locks the myadmin account.

Anyone ever hear of something like this?  is there a script I can run to clean off all of these workstations credentials?
BFanguyAuthor Commented:
I opened a case with Microsoft and we worked on it for weeks.  I wound up change the domain account's password back to what it was for 1 week and then changed the password again and the errors stopped.
BFanguyAuthor Commented:
found the error myself
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now