Solved

Continuous domain account lock out.

Posted on 2016-11-09
3
84 Views
Last Modified: 2016-11-16
I've dealt with these type of issues many times, and usually it comes down to where a user did not change their domain password on a mobile device after changing their password on their computer, which cause the continuous lock out.

This is my first experience with a user having continuous domain lock out issue. See log below. I am trying to trace the source. Per user, she does not have a mobile device or have another session on another computer. Is lsass.exe a suspicious .exe? How can I trace the source to find out where the lock out is occuring? She did mention that the auto-discover option does pop up every now and then.

2016-11-09_12-18-26.png
0
Comment
Question by:joukiejouk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 25

Accepted Solution

by:
Mohammed Khawaja earned 350 total points
ID: 41881277
Try the following:
- Ensure the account is unlocked
- Have the user login
- Delete mapped drives
- Delete saved credentials in Control Panel
- Wait 30 minutes and see if problem happens
- If account doesn't lock they have the user try one application at a time to find out the offending application
1
 
LVL 8

Assisted Solution

by:Senior IT System Engineer
Senior IT System Engineer earned 150 total points
ID: 41881969
Yes, usually it is saved proxy credentials or some 3rd party application which still using or saving the old credentials.
Typically Apple iTunes.
0
 

Author Closing Comment

by:joukiejouk
ID: 41890056
It was discovered that the Mimecast auhtication add-on in Outlook was causing this issue.
1

Featured Post

Veeam gives away 10 full conference passes

Veeam is a VMworld 2017 US & Europe Platinum Sponsor. Enter the raffle to get the full conference pass. Pass includes the admission to all general and breakout sessions, VMware Hands-On Labs, Solutions Exchange, exclusive giveaways and the great VMworld Customer Appreciation Part

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question