We have 2 domains on 2 separate networks. Lets call it:
Domain A is on network A and Domain B is on network B. Network A is accessible from network B but not B from A. Users have accounts on both domains using first initial last name. There are reasons it has to be done this way that I wont get into here.
My issue is that a Machine that is on Domain/Network B has an application that is requesting authentication from Domain A using domain b credentials. Since the user name is present on domain A also, but the domain is wrong, Domain A is locking the users account every couple minutes.
I have looked at all the logs. I know what machine it is coming from. What I can not figure out is how to narrow down what process on the machine is making this request to the wrong domain. Any Ideas?
I apologize for the confusing post. I can try to clarify if need be.