Re: x y.

From: x y (jamescagney90210@excite.com)
Date: 07/06/02 

From: "x y" <jamescagney90210@excite.com>
Date: Sat, 6 Jul 2002 00:53:06 -0400

Sure.. the usual cause for accounts being mysteriously locked out is some
part of Windows somewhere caching an old password [or password hash or
token] for the account and using that "password" to try to authenticate
while connecting to something. This can happen when the user has changed
her password and:

* they are still logged in at another workstation, and the other workstation
would not know about the new password until the user logs out and in again;
* they had previously mapped a network drive on their workstation and typed
in their password at the time to connect;
* a windows service was set by someone to start by using the user's ID and
old password instead of starting using the security context of "system."

Note that Windows retries the authentication several times in a few seconds,
so it only takes a few seconds for the account to lock back out again.

"Rob" <rshahamat@hotmail.com> wrote in message
news:1322801c22460$512ab950$9ee62ecf@tkmsftngxa05...
> Thanks for help.
> Just can you explain a little bit more about this part:
>
> "make sure they don't have any drives mapped
> locally on the workstation with a cached login ID and old
> password, or their
> login ID and an old password isn't being used to start a
> service."
>
> thanks again.
> Rob
>
>
>
> >-----Original Message-----
> >Turn on auditing of failed logins, and make sure a user
> isn't signed into
> >two workstations at the same time, or they don't have any
> drives mapped
> >locally on the workstation with a cached login ID and old
> password, or their
> >login ID and an old password isn't being used to start a
> service.
> >
> >"Rob" <rshahamat@hotmail.com> wrote in message
> >news:157e901c22453$1a2a71f0$9be62ecf@tkmsftngxa03...
> >> Hi,
> >> I have a network with 2 win2k DC, 3 NT4.0 member
> server, 1
> >> Exchange 5.5 server, Unix server with Samba. all
> >> worksations are NT4.0. everything is working fine,
> except,
> >> some of my users periodically get account locked out,
> >> without any specific reason. we have an account lockout
> >> policy after 5 wrong password.I need to know what is the
> >> best way to track and find out what is going on.
> >> Any help I really appriciate
> >> Rob
> >
> >
> >.
> >

Relevant Pages

  • Re: Access server using PP and domain account
    ... With Windows XP using the windows authentication isn't strictly the credentials you use to login to the workstation. ... user account is setup on domain in which project server resides ...
    (microsoft.public.project.pro_and_server)
  • Re: User login between domains in the same tree/frrest
    ... it would work the other way around too: move your workstation to the SG domain and try to log on with the rogerrabbit account and it should work. ... can a user from a parent domain not login to the child domain because he is ...
    (microsoft.public.windows.server.active_directory)
  • Re: XP Login Issue with Shared Drive
    ... This is a peer support newsgroup. ... Windows XP users here, helping each other if and when we can. ... I can login this person on ... But for this workstation, during the COLD-START cycle of power / this path is ...
    (microsoft.public.windowsxp.general)
  • Re: Event ID 5719 not on DC but on Offline Client !!
    ... These error messages indicate the Windows workstation or server computer ... Reset the machine account by using the Active Directory. ... Are the machines only using their local DNS server? ...
    (microsoft.public.windows.server.active_directory)
  • Re: Cant log in
    ... Since you now have a parallel install of Windows that can read NTFS, ... Administrator with no password. ... If you have no options to change the domain on the login screen, ... and the workstation is not joined to a domain. ...
    (microsoft.public.win2000.security)