Networks·41,424 discussions

AD Locking Users Out Automatically

Locked

I have a few users that are constantly locked out of their PC when a certain server is turned on. We have narrowed it down to just one server. They will never be locked out if the server is not turned on, but we all know that we need that server on at some point or another even for communication purposes. I can go into AD and unlock their account, but dont have a reason why it is only happening when that certain server is turned on. Any help would be greatly appreciated. Thanks

Topic

Clarifications

In reply to AD Locking Users Out Automatically

Clarifications

AD: is this a 2000 domain? native? 1 domain? more? outlook?

In reply to AD Locking Users Out Automatically

anything in the security event logs? i would look this one up at support.microsoft.com. let’s say windows 2000 keywords ‘lock out’.
You find that this is a known issue with more than one cause. Untrusted domains and outlook are known culprits but there is more or I would post a likely link but you’ll need to go read and see which one looks like your situation. post back if you need more help

Users locked out

In reply to AD Locking Users Out Automatically

I have seen this in a situation where a process/task is scheduled to run on the server as a user with password. The password is later changed. Now, Whenever the process fires up on the server, the old password is tried few times and AD Password lockout policy will lockout the user.

If not,
Need some more info:
How many users? Admin uers? What is the server used for?

-H

Sounds like

In reply to AD Locking Users Out Automatically

cached user credentials. On the users PC, open User accounts. Select the user that is having the problems and select the advanced tab. Then click the Manage Passwords button. See if there are any entries in there, especially ones that have the name of your problem server in there. Highlight and delete.

[Author]

Replies