Account Lockout Issue

We have 2 domains on 2 separate networks. Lets call it:
Domain A
Domain B
Network A
Network B

Domain A is on network A and Domain B is on network B. Network A is accessible from network B but not B from A. Users have accounts on both domains using first initial last name. There are reasons it has to be done this way that I wont get into here.

My issue is that a Machine that is on Domain/Network B has an application that is requesting authentication from Domain A using domain b credentials. Since the user name is present on domain A also, but the domain is wrong, Domain A is locking the users account every couple minutes.

I have looked at all the logs. I know what machine it is coming from. What I can not figure out is how to narrow down what process on the machine is making this request to the wrong domain. Any Ideas?

I apologize for the confusing post. I can try to clarify if need be.
jatwood29Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ncomperCommented:
It sounds like the client machine has remember the wrong credentials from a previous attempt and is just tying these each time it looks to connect. you will need to check the various cached information locations:

Microsoft Credential manager
Mapped Drives
3rd Party App (you may want to force full credentials to encompass the domain)

Depending what task is trying to authenticate. Can you confirm that if you logon to the same machine with a different profile this does not lock any accounts out.. Worst case if there are no roaming profiles remove and re-create the local profile on the computer and hopefully this will remove that bad remembered password settings
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jatwood29Author Commented:
I was able to find a program that was installed on his profile but not any others. This was a domain admin tool and he mistakenly put in the address of Domain A Controller instead of B but did not remember doing it.

Thanks for your help, That one was frustrating me.
0
ncomperCommented:
Ive had this before with a Rogue Admin account lockout, some one had mapped a drive with the wrong details and each time that PC connected it locked the account out, very frustrating to track down the target machine/account that was causing the issue.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.