Incredibly weird issue, Win 7 account locked out

Hi folks,

I'll dive straight in with this one as I've been working on it since 9am today, with little progress.

I have USER A whose account locks out without them even being logged into their machine. The user changed their password yesterday as per company policy and since then it keeps locking out after 3-5 minutes.

Platform - WIN 7 Pro 64 Bit
Server - Win Server 2008 R2 Standard



I have done the following -

Cleared credential manager - NO DIFFERENCE
Reset IE and cleared personal details during reset - NO DIFFERENCE
Tested by logging onto another machine - NO JOY
Recreated their login profile - NO DIFFERENCE
Checked for logged on terminal services accounts - NONE LOGGED IN
Connected devices, i.e. iPad, iPhone, Android - NONE

I have checked on our DCs and have found the following -

System
  Provider
    [Name] Microsoft-Windows-Security-Auditing
    [Guid] {54849625-5478-4994-A5BA-3E3B0328C30D}
  EventID 4776
  Version 0
  Level 0
  Task 14336
  Opcode 0
  Keywords 0x8010000000000000
  TimeCreated
    [SystemTime] 2014-01-14T12:43:53.301501000Z
  EventRecordID 2042599718
  Correlation
  Execution
    [ProcessID] 516
    [ThreadID] 29720
  Channel Security
  Computer XXXXXXDC02.XXXXXXXXXXXXXX.co.uk
  Security
EventData
  PackageName MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
  TargetUserName USER A
  Workstation XXXXXXXX
  Status 0xc0000234

Kind of hit a brick wall now. Any ideas anyone?
 
Will try disabling OWA.

User does not log in on any other machines, but will still check as sometimes they might hotdesk.

UPDATE: Disabled OWA. Made sure user was completely logged out. Re-enabled their login. Waited for 5 minutes and checked on DC. Account locked out again :(
 
No, on your workstation. It's an admin tool - just input the account UID and it'll list the domain controllers and the time of the account lockout. From there on in just do the detective work above :)

Usually with us, it's the support staff who've left themselves logged in on an RDP session and the password expires or they reset it. The RDP session keeps locking their account out until I find it and force the session to log off.

Remember - most environments that are serious about security require domain admin rights to log onto a domain controller or see the logs.

Fixed! User was RDP'd elsewhere. Thanks for Altools. Wife's contractions started soon as we fixed it :)
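
Added example, not part of the thread or any poster's code: a PowerShell sketch of the "detective work" on event 4776, grouping failed validations for one user by the Workstation field to show which machine is sending the stale password. The sample events, the host names (DC02, RDPHOST01, DESK-042) and the function names are constructed for illustration; the status meanings are the standard NTSTATUS ones.

```powershell
# Status values seen in event 4776 (NTLM credential validation on a DC).
$StatusNames = @{
    '0xc0000234' = 'account locked out'   # the status in the event quoted in the thread
    '0xc000006a' = 'wrong password'       # the failures that lead up to a lockout
}

function ConvertFrom-Event4776 {
    # Flatten the XML of one 4776 event into the fields needed for triage.
    param([Parameter(Mandatory, ValueFromPipeline)][string]$EventXml)
    process {
        $e = ([xml]$EventXml).Event
        $d = @{}
        foreach ($n in $e.EventData.Data) { $d[$n.Name] = $n.'#text' }
        [pscustomobject]@{
            Time        = $e.System.TimeCreated.SystemTime
            DC          = $e.System.Computer
            User        = $d['TargetUserName']
            Workstation = $d['Workstation']
            Status      = $d['Status']
            Meaning     = $StatusNames["$($d['Status'])".ToLower()]
        }
    }
}

function New-SampleEvent ($Time, $Workstation, $Status) {
    # Constructed sample in the shape of the event in the thread; not real log data.
@"
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System><EventID>4776</EventID><TimeCreated SystemTime="$Time"/><Computer>DC02.example.test</Computer></System>
 <EventData><Data Name="TargetUserName">USER A</Data><Data Name="Workstation">$Workstation</Data><Data Name="Status">$Status</Data></EventData>
</Event>
"@
}

$samples = @(
    New-SampleEvent '2014-01-14T12:40:11Z' 'RDPHOST01' '0xc000006a'
    New-SampleEvent '2014-01-14T12:41:12Z' 'RDPHOST01' '0xc000006a'
    New-SampleEvent '2014-01-14T12:43:53Z' 'RDPHOST01' '0xc0000234'
    New-SampleEvent '2014-01-14T12:44:30Z' 'DESK-042'  '0xc0000234'
)
# Against a live DC (needs rights to read its Security log), replace $samples with:
#   Get-WinEvent -ComputerName DC02 -FilterHashtable @{LogName='Security'; Id=4776} | ForEach-Object { $_.ToXml() }
$samples | ConvertFrom-Event4776 |
    Where-Object { $_.User -eq 'USER A' -and $_.Meaning } |
    Group-Object Workstation, Meaning |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```

The workstation with repeated "wrong password" rows just before the lockout is the one to check for a disconnected RDP session, mapped drive or service still holding the old password.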
 