We have network authentication running on LDAP. User access is obtained via multiple platforms onto the network. Enforcing network security such as password expiration and account lockout is resulting in a nightmare.
There are passwords cached and stored in applications (browsers, database engines, etc.), persistent connections or mapped drives, Windows inherent PWL files, scheduled tasks, scripts, batch jobs, etc.
This results in countless "password incorrect" and account lockout errors, as these background tasks, applications, services and persistent connections attempt to log on with expired credentials.
Policy lockdowns help but are not the ultimate solution. I am planning to clear such caching/storing via login scripts. Anyone with similar problems care to join in to thrash this one about?
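
An added example, not part of the original post: one way to find which account and host pairs are retrying an expired credential in the background, so the cache clearing can be targeted. The log format, host names and thresholds are assumptions constructed for illustration, not the output of any particular LDAP server.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample bind log; the "timestamp user= src= result=" layout is an
# assumption for this example only.
SAMPLE_LOG = """\
2024-03-01T08:00:00 user=jdoe src=ws-014 result=FAIL
2024-03-01T08:05:00 user=jdoe src=ws-014 result=FAIL
2024-03-01T08:07:12 user=jdoe src=laptop-3 result=OK
2024-03-01T08:10:01 user=jdoe src=ws-014 result=FAIL
2024-03-01T08:15:00 user=jdoe src=ws-014 result=FAIL
2024-03-01T09:01:10 user=asmith src=ws-020 result=FAIL
2024-03-01T09:01:25 user=asmith src=ws-020 result=FAIL
2024-03-01T09:02:40 user=asmith src=ws-020 result=OK
"""

def parse(line):
    """Split one log line into (timestamp, user, source host, result)."""
    ts, *fields = line.split()
    rec = dict(f.split("=", 1) for f in fields)
    return datetime.fromisoformat(ts), rec["user"], rec["src"], rec["result"]

def stale_credential_sources(log, min_failures=3, max_jitter=5):
    """Return sorted (user, src) pairs whose failures look automated:
    at least min_failures failed binds, never a success from that source,
    and near-constant spacing (gap spread <= max_jitter seconds), which is
    typical of a scheduled task or persistent connection retrying."""
    failures, succeeded = defaultdict(list), set()
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, user, src, result = parse(line)
        if result == "FAIL":
            failures[(user, src)].append(ts)
        else:
            succeeded.add((user, src))
    flagged = []
    for key, times in failures.items():
        if key in succeeded or len(times) < min_failures:
            continue  # a human mistyping usually succeeds soon afterwards
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        if max(gaps) - min(gaps) <= max_jitter:
            flagged.append(key)
    return sorted(flagged)

if __name__ == "__main__":
    for user, src in stale_credential_sources(SAMPLE_LOG):
        print(f"{user}: stale credential likely stored on {src}")
```

In the sample, `jdoe` logs on successfully from `laptop-3` while `ws-014` keeps failing every five minutes, which points at a stored credential on `ws-014` rather than a forgotten password.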