Windows 7 Outlook ADUC Lockout
Posted on 2014-09-03
I am currently having an issue with my Windows 7 account on our company server. After a certain amount of time my computer will lock me out without inputting incorrect login information, not even once. I see a bubble pop up in the bottom right corner which says,
“Windows needs your current credentials. Please lock this computer, then unlock using your most recent credentials or smart card.”
I then have to go into ADUC remotely and unlock my account manually so I do not get locked and have to log into another admin account and connect to ADUC remotely.
When this occurs, I am locked out of Outlook Office 2013 as well for about 30 - 60 minutes, or until Outlook registers the correct credentials.
Another high priority user connected to our domain is now having a similar issue without the Windows Account lockout, but he is only being locked out of connecting in Microsoft Outlook 2013 and when this occurs for him Outlook prompts a login and password field so that he can insert the correct credentials which fails and automatically repairs itself an hour later.
I have noticed a few things happening in ADUC
In ADUC – Attribute Editor – “badPwdCount – 10” When this hits 10, I am locked out of my account. This is due to the settings in group policy.
Event Viewer on our Mail server.
Windows Logs > Security
Audit Failure (every 5-8 seconds)
Failure Reason: Unknown user name or bad password.
Sub Status: 0xc000006a
as well as 4776 codes from my workstation and does not show what was trying to authenticate.
I am assuming that something in Outlook is registering incorrect credentials when checking for mail and causing a lockout
I have tried clearing key manager.
Shutdown all programs that connect to this workstation (logmein, antivirus?).
Investigated any workstation mistakenly attemping to login as me.
Checked Kerberos DES encryption in ADUC and it was deactivated (unchecked).
Set gpedit.msc "always wait for the network at computer startup and logon to enabled.