We help IT Professionals succeed at work.

RDP Lockouts when logging into Windows 7 workstation in Server 2012 domain

Last Modified: 2017-10-08
I have a user who logs in from four different laptops to his WIndows 7 desktop. We recently upgraded the domain controller for his office to Server 2012. Ever since we did so, he's been experiencing regular lockouts (to his desktop computer running Windows 7 Pro) after logging into one or the other of the computers. The laptops are not all running the same OS. One is 7 Pro, one is 7 Home Premium, one is 7 Home, and the other is Windows 10 (Home, I think).

We have not yet established a pattern for what logins will lock him out. Credentials for RDP are saved, and we know they're correct. I re-entered them and tWe're not sure there is one. We suspect there's something in Server 2012 that, by default will not allow logins from multiple computers. NONE are simultaneous login. He's trying to use the same domain account and password on all four laptops. Whether he exits Windows ungraciously, or logs out properly he might still experience a lockout to the workstation on a 2012 domain.

Anyone have any idea?
Watch Question

stephen brownnetowrk support

Have you checked the security logs on the 2012 DC for information?  Is the AD account actually being locked?  If so then I would suggest checking the key manager on each device to see if there are stored credentials causing conflict.  rundll32 keymgr.dll,KRShowKeyMgr from cmd will show you what credentials are being stored on each device.
Senior Consultant
Awarded 2017
Distinguished Expert 2019
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)


Yes, the AD account is being locked. I checked Key Manager on some of the workstations/laptops, not all.


Thanks for your help.