Account Lockout Issue
We have 2 domains on 2 separate networks. Lets call it:
Domain A
Domain B
Network A
Network B
Domain A is on network A and Domain B is on network B. Network A is accessible from network B but not B from A. Users have accounts on both domains using first initial last name. There are reasons it has to be done this way that I wont get into here.
My issue is that a Machine that is on Domain/Network B has an application that is requesting authentication from Domain A using domain b credentials. Since the user name is present on domain A also, but the domain is wrong, Domain A is locking the users account every couple minutes.
I have looked at all the logs. I know what machine it is coming from. What I can not figure out is how to narrow down what process on the machine is making this request to the wrong domain. Any Ideas?
I apologize for the confusing post. I can try to clarify if need be.
Domain A
Domain B
Network A
Network B
Domain A is on network A and Domain B is on network B. Network A is accessible from network B but not B from A. Users have accounts on both domains using first initial last name. There are reasons it has to be done this way that I wont get into here.
My issue is that a Machine that is on Domain/Network B has an application that is requesting authentication from Domain A using domain b credentials. Since the user name is present on domain A also, but the domain is wrong, Domain A is locking the users account every couple minutes.
I have looked at all the logs. I know what machine it is coming from. What I can not figure out is how to narrow down what process on the machine is making this request to the wrong domain. Any Ideas?
I apologize for the confusing post. I can try to clarify if need be.
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
It sounds like the client machine has remember the wrong credentials from a previous attempt and is just tying these each time it looks to connect. you will need to check the various cached information locations:
Microsoft Credential manager
Mapped Drives
3rd Party App (you may want to force full credentials to encompass the domain)
Depending what task is trying to authenticate. Can you confirm that if you logon to the same machine with a different profile this does not lock any accounts out.. Worst case if there are no roaming profiles remove and re-create the local profile on the computer and hopefully this will remove that bad remembered password settings
Microsoft Credential manager
Mapped Drives
3rd Party App (you may want to force full credentials to encompass the domain)
Depending what task is trying to authenticate. Can you confirm that if you logon to the same machine with a different profile this does not lock any accounts out.. Worst case if there are no roaming profiles remove and re-create the local profile on the computer and hopefully this will remove that bad remembered password settings
Premium Content
You need an Expert Office subscription to comment.Start Free Trial