We have 2 domains on 2 separate networks. Lets call it:
Domain A
Domain B
Network A
Network B
Domain A is on network A and Domain B is on network B. Network A is accessible from network B but not B from A. Users have accounts on both domains using first initial last name. There are reasons it has to be done this way that I wont get into here.
My issue is that a Machine that is on Domain/Network B has an application that is requesting authentication from Domain A using domain b credentials. Since the user name is present on domain A also, but the domain is wrong, Domain A is locking the users account every couple minutes.
I have looked at all the logs. I know what machine it is coming from. What I can not figure out is how to narrow down what process on the machine is making this request to the wrong domain. Any Ideas?
I apologize for the confusing post. I can try to clarify if need be.
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
I was able to find a program that was installed on his profile but not any others. This was a domain admin tool and he mistakenly put in the address of Domain A Controller instead of B but did not remember doing it.
Thanks for your help, That one was frustrating me.
ncomper
Ive had this before with a Rogue Admin account lockout, some one had mapped a drive with the wrong details and each time that PC connected it locked the account out, very frustrating to track down the target machine/account that was causing the issue.
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
Thanks for your help, That one was frustrating me.