Domain account locked out repeatedly

  • Thread starter Thread starter Matsi
  • Start date Start date
M

Matsi

Hi,

We have a Windows Server 2003 active directory domain, ISA server with VPN,
and one Windows Vista client. The Vista owner calls me every time he wants to
connect with VPN, and tells me that he cannot. Looking in Active Directory
shows me, that his domain user account is locked out. When I unlock the
account he is able to login. It seems that something (a service? office
2007?) does try to authenticate with wrong credentials, and locks his account
every time it can.

I have the default settings for the account lockout policy, threshold of 3,
and 0 for lockout duration.
This problem is really annoying so much, that I think about to tell him to
uninstall Vista and install XP again. The XP users don't have this problem at
all.

I've looked around in the web and found some other users that have the same
problem. But I found no solution for it.

I don't want to uninstall Vista. If anyone can help or has got an idea, this
would be really be appreciated!

Thank you!
 
Thank you for your answer!

What do you mean with "temp ID"? Another domain user account?
 
I have the exact same problem between a Vista business client and an
XP server with folder sharing. Vista repeatedly logs in to the XP
server with the wrong credentials until an account lockout is
initiated on the XP server. Both computers are on the same LAN.

I have the "Documents" folder on the Vista client mapped to a share on
the XP server with offline folders enabled.

The event viewer on the XP machine shows repeated login failures
because of bad password and then repeated login failures because of
the account lockout. I have made sure that the network password saved
in the Vista user account is valid.

I had an XP client that mapped the My Documents folder to the same
share on the XP server for years and never had this problem until I
got a Vista client.
 
I set up a second account and my sales guy tried out to login. It worked and
the account was not locked out. But of course he could not connect to his
exchange mailbox (Because of I did not want to copy his whole Exchange
Mailbox). I mean: could it be the outlook client that has a problem?

Please give me some more time to get more debug output. I want to get traces
with ethreal and want to analyse the Windows server security logs.

Thank you!
 
I set up a second account and my sales guy tried out to login. It worked and
the account was not locked out. But of course he could not connect to his
exchange mailbox (Because of I did not want to copy his whole Exchange
Mailbox). I mean: could it be the outlook client that has a problem?
Click to expand...
Please post back if you figure out a solution. Thanks!
 
Back
Top