Account Lockout Issue

jatwood29
jatwood29 used Ask the Experts™
on
We have 2 domains on 2 separate networks. Lets call it:
Domain A
Domain B
Network A
Network B

Domain A is on network A and Domain B is on network B. Network A is accessible from network B but not B from A. Users have accounts on both domains using first initial last name. There are reasons it has to be done this way that I wont get into here.

My issue is that a Machine that is on Domain/Network B has an application that is requesting authentication from Domain A using domain b credentials. Since the user name is present on domain A also, but the domain is wrong, Domain A is locking the users account every couple minutes.

I have looked at all the logs. I know what machine it is coming from. What I can not figure out is how to narrow down what process on the machine is making this request to the wrong domain. Any Ideas?

I apologize for the confusing post. I can try to clarify if need be.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Commented:
It sounds like the client machine has remember the wrong credentials from a previous attempt and is just tying these each time it looks to connect. you will need to check the various cached information locations:

Microsoft Credential manager
Mapped Drives
3rd Party App (you may want to force full credentials to encompass the domain)

Depending what task is trying to authenticate. Can you confirm that if you logon to the same machine with a different profile this does not lock any accounts out.. Worst case if there are no roaming profiles remove and re-create the local profile on the computer and hopefully this will remove that bad remembered password settings

Author

Commented:
I was able to find a program that was installed on his profile but not any others. This was a domain admin tool and he mistakenly put in the address of Domain A Controller instead of B but did not remember doing it.

Thanks for your help, That one was frustrating me.

Commented:
Ive had this before with a Rogue Admin account lockout, some one had mapped a drive with the wrong details and each time that PC connected it locked the account out, very frustrating to track down the target machine/account that was causing the issue.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial