User locked out with event 537 under type 11 logon
From: Gijtech (junk_at_gijoes.com)
Date: 11/09/05
- Previous message: Roger Abell [MVP]: "Re: Copying File / Folder permissions across servers"
- Next in thread: Steven L Umbach: "Re: User locked out with event 537 under type 11 logon"
- Reply: Steven L Umbach: "Re: User locked out with event 537 under type 11 logon"
- Reply: Gijtech: "Re: User locked out with event 537 under type 11 logon"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 9 Nov 2005 13:56:28 -0800
I have a user logging in to the domain from a Win xp sp2 system, who after successfully logging into the domain then logs on to our intranet views an office document then enters the back command and finds his account locked out.
looking at the event log on the users system reveals one entry of
Logon Failure: Reason: An error occurred during logon
User Name: username
Domain: domain
Logon Type: 11
Logon Process: User32
Authentication Package: Negotiate
Workstation Name: computer name
Status code: 0xC000005E
Substatus code: 0x0
followed by
Logon Failure:Reason: Account locked out
User Name: username
Domain: domain
Logon Type: 2
Logon Process: User32
Authentication Package: Negotiate
Workstation Name: computer name
at this point the user calls and we rest the account. user lockout is set for 5 fails not 1. we have hklm\Software\Microsoft\Windows NT\Current Version\Winlogon\cachedlogonscount set to 0 so I am at a loss as to why the system is attempting to use a cachedinteractive logon, and why is it failing w/ only one attempt.
- Previous message: Roger Abell [MVP]: "Re: Copying File / Folder permissions across servers"
- Next in thread: Steven L Umbach: "Re: User locked out with event 537 under type 11 logon"
- Reply: Steven L Umbach: "Re: User locked out with event 537 under type 11 logon"
- Reply: Gijtech: "Re: User locked out with event 537 under type 11 logon"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
