Network Problem

By sosa.luis29 ·
A Primary Domain Controller constatly locks the users Account Disable property denying the user acces to the database's property.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

several causes

by robo_dev In reply to Network Problem

Known causes:
1) Logged on somewhere else in the network. The user is already persistently logged into another computer somewhere else in the domain (such as in a conference room after changing the password on their regular machine.

2) Microsoft Outlook. An open application such as Microsoft Outlook on another machine will periodically validate to the domain and if it uses an invalid username/password combination this will lock the account out after the specified number of retries.

3) Terminal Server session. A Terminal Server session could be open which is
attempting to authenticate using the old password. This machine could be outside of the network (open OWA session) or be
a laptop connected in over VPN.

4) Service Account. The user's account is running as a service on a computer
somewhere else in the network with old credentials.

5) Scheduled Task. A scheduled task on their computer is using old credentials.

6) Drive mapping. A Drive mapping on machine is using old credentials.

7) A virus (such as a worm) has determined the user account is using a weak password (such as blank or same as username) and is attempting to access other resources on the network.
If you have raised the NTLM level on your DCs, and you try to log into a workstation whose NTLM level is 0 your user account will be locked immediately. The fix would be to raise the NTLM level on the workstation.

Related Discussions

Related Forums