Starting on the 6th of March I started seeing the following error on both of our domain controllers (2008 R2) and I have never seen this before. I have run various virus sweeps and found no issues so far. Replication works okay and nothing else jumps out as being wrong right now. The servers are current in their MS patching (we are a few weeks behind). The odd thing is that it always refers to the same user account (a regular domain user with roaming profile) and no other accounts (no administrator either) have been noted in the error. The hard disks, array, etc. are all good. I checked and (using MS account lockout tool) noted that their account was locked out on both DC and I unlocked it. I tested and it can be locked and unlocked without issues. No user has reported logon issues or random/odd password reset needs.
ERROR Event ID 12294
The SAM database was unable to lockout the account of ojohnson due to a resource error, such as a hard disk write failure (the specific error code is in the error data) . Accounts are locked after a certain number of bad passwords are provided so please consider resetting the password of the account mentioned above.
Any thoughts as to what this could be?