AD accout locked out when name matches workstation account
- From: Brian McCauley <my-name-with-a-dot-in-it@xxxxxxxxxxxxxxxxxx>
- Date: Mon, 14 Jul 2008 04:26:01 -0700
I have observed a problem here on our XP/2003 environment. When I login to a
local Worstation account on any of our XP boxes a failed login attempt is
recorded in the AD server event log.
The entry in the AD event log clearly states that the domain of the
attempted login is the worstation name but if the username happens to match
the username of a domain account then that account will get locked out.
There seem to be two separate mis-features (bugs) here. Firstly I can't see
why domain member workstations are sending authentication requests to the
domain controller for local account logins. Secondly the domain controller is
failing to notice that these authetication requests are if fact not for the
domain.
This is, needless to say, very annoying.
I've seen a number of threads here with people having problems that could be
caused by these mis-features but none that I've found actually mention the
issue of the domain controller apparently getting confused as to which domain
an authentication request relates to.
.
- Follow-Ups:
- Re: AD accout locked out when name matches workstation account
- From: Meinolf Weber
- Re: AD accout locked out when name matches workstation account
- Prev by Date: Re: ADAM Partitions on Separate Servers
- Next by Date: Re: Not Creating Computer Accounts - Strange Issue
- Previous by thread: Re: AD restore to Test Lab
- Next by thread: Re: AD accout locked out when name matches workstation account
- Index(es):
Relevant Pages
|
