Account keeps getting locked out -- Windows Server 2012

For some reason I can't seem to locate the exact service or application that keeps locking out a specific account.

Randomly one of our user accounts keeps getting locked out. I have been able to isolate it to being a login directly to one of our domain controllers and the SVCHOST service.

I have used the MS Account Lockout Tools to find the DC and the NetLogon logs to locate the PID of the service; but still can't fix this issue as of yet. I was able to do this with W2k3 & W2k8; not sure why W2k12 is not giving me the same results.

Any help would be appreciated.
Eric FormanIT Infrastructure EngineerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

hecgomrecCommented:
Make sure the user doesn't have a local account on the client with the same username but different password.
jmcgOwnerCommented:
Look through your services to see if somehow this user was associated with a service as the login account, with a stored password. Once the password is changed, the service attempting to log in with the stored password will log failures and lock the account out.

I don't know for sure that this is what is causing your experience, but it's not clear that you ruled out this possibility.
Eric FormanIT Infrastructure EngineerAuthor Commented:
I think I have it.

My first AD account was broken so it was deleted and recreated.

When I checked the DC in question, the same host that was showing as the lockout source, I was logged in twice; once with each account. I had not noticed this before.

Since my original AD account was still logged into the DC (login names matched), and the "Queue startup items.." task was running as the DC was idle, it locked out my new account.

I'll know for sure tomorrow.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Your Guide to Achieving IT Business Success

The IT Service Excellence Tool Kit has best practices to keep your clients happy and business booming. Inside, you’ll find everything you need to increase client satisfaction and retention, become more competitive, and increase your overall success.

jmcgOwnerCommented:
I always try to avoid deleting AD accounts that have been in use long enough to leave traces. Not always possible and perhaps overly cautious....
Eric FormanIT Infrastructure EngineerAuthor Commented:
Found issue.
CODAdminNetwork AdministratorCommented:
Can you explain what your issue was?  We are having the same issue with several users.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.