Re: Event ID 12294 - The SAM database was unable to lockout the account...

jabrandt_at_online.microsoft.com
Date: 08/09/04

  • Next message: Dennis R: "password problem" 
    Date: Mon, 9 Aug 2004 15:54:21 -0500

    Blake, I would consider the fact that it could be someone attempting to
    guess a user account password. Since it is only a couple of times a day
    that would not be my first guess. If you dont already, enable auditing on
    logon events success and failures. This might help provide further info in
    the security event log about which DC is attempting the authentication and
    the user account.
    My inital reaction would be that you have a user account that the password
    has been changed on and you still have either a service or TS session that
    is attempting to authenticate with the old password. 

    -- 
James Brandt [MSFT]
"Blake" <blake_duffey@NOSPAM.hotmail.com> wrote in message 
news:%23EVeQj%23eEHA.1724@TK2MSFTNGP10.phx.gbl...
> Getting this a couple times/day in the event log of our DCs (Windows 2000 
> native mode AD):
>
> The SAM database was unable to lockout the account of ? due to a resource 
> error, such as a hard disk write failure (the specific error code is in 
> the error data) . Accounts are locked after a certain number of bad 
> passwords are provided so please consider resetting the password of the 
> account mentioned above.
>
> Anybody seen this before??
>
> Blake
>
  • Next message: Dennis R: "password problem"

    Relevant Pages

    • Re: Event ID 12294 - The SAM database was unable to lockout the account...
      ... Blake, I would consider the fact that it could be someone attempting to ... guess a user account password. ... the security event log about which DC is attempting the authentication and ... > Getting this a couple times/day in the event log of our DCs: ...
      (microsoft.public.windows.server.general)
    • Re: Event ID 12294 - The SAM database was unable to lockout the account...
      ... Blake, I would consider the fact that it could be someone attempting to ... guess a user account password. ... the security event log about which DC is attempting the authentication and ... > Getting this a couple times/day in the event log of our DCs: ...
      (microsoft.public.win2000.active_directory)
    • Re: How can I avoid using SQL Authentication with the Office Web Parts?
      ... That does not sound like Office Web Parts ignoring impersonation. ... your logged on user credentials as authentication. ... Exposing any functionality on a server creates a security risk. ... If I log into my machine using one domain user account and then log into the ...
      (microsoft.public.office.developer.web.components)
    • Re: How can I avoid using SQL Authentication with the Office Web Parts?
      ... That does not sound like Office Web Parts ignoring impersonation. ... your logged on user credentials as authentication. ... Exposing any functionality on a server creates a security risk. ... If I log into my machine using one domain user account and then log into the ...
      (microsoft.public.inetserver.iis)
    • Re: How can I avoid using SQL Authentication with the Office Web Parts?
      ... That does not sound like Office Web Parts ignoring impersonation. ... your logged on user credentials as authentication. ... Exposing any functionality on a server creates a security risk. ... If I log into my machine using one domain user account and then log into the ...
      (microsoft.public.sharepoint.windowsservices)