Several users in our domain are getting locked throughout the day.
Several attempts to narrow down the problem or problematic application didn't succeed, so we are looking for help here.
While troubleshooting one of the users, we made sure that users does not have any scheduled tasks or services running as him on his W7x64PC computer. We also removed all entries from windows credential manager and deleted all saved ids and passwords form all of his browsers. Un-mapped all network drives and printers, however his account continues to get locked throughout the day at random times
User is running Outlook 2007 (suspect app #1) against exchange 2013 CU5 and we made sure
Outlook is patched with SP3 and KBs listed below are applied to the PC
http://support2.microsoft.com/kb/2598366
http://support2.microsoft.com/kb/2687404
Additionally we enabled netlogon.log logging on the DCONT1 and saw the following events, when user got locked out
10/08 11:58:50 [LOGON] DOMAIN: SamLogon: Transitive Network logon of DOMAIN\bcocozul from W7x64PC (via DCONT2) Entered
10/08 11:58:50 [LOGON] DOMAIN: SamLogon: Transitive Network logon of DOMAIN\bcocozul from W7x64PC (via DCONT2) Returns 0xC0000234
10/08 11:58:50 [LOGON] DOMAIN: SamLogon: Transitive Network logon of DOMAIN\bcocozul from W7x64PC (via DCONT2) Entered
10/08 11:58:50 [LOGON] DOMAIN: SamLogon: Transitive Network logon of DOMAIN\bcocozul from W7x64PC (via DCONT2) Returns 0xC0000234
Any suggestions are greatly appreciated
Several attempts to narrow down the problem or problematic application didn't succeed, so we are looking for help here.
While troubleshooting one of the users, we made sure that users does not have any scheduled tasks or services running as him on his W7x64PC computer. We also removed all entries from windows credential manager and deleted all saved ids and passwords form all of his browsers. Un-mapped all network drives and printers, however his account continues to get locked throughout the day at random times
User is running Outlook 2007 (suspect app #1) against exchange 2013 CU5 and we made sure
Outlook is patched with SP3 and KBs listed below are applied to the PC
http://support2.microsoft.com/kb/2598366
http://support2.microsoft.com/kb/2687404
Additionally we enabled netlogon.log logging on the DCONT1 and saw the following events, when user got locked out
10/08 11:58:50 [LOGON] DOMAIN: SamLogon: Transitive Network logon of DOMAIN\bcocozul from W7x64PC (via DCONT2) Entered
10/08 11:58:50 [LOGON] DOMAIN: SamLogon: Transitive Network logon of DOMAIN\bcocozul from W7x64PC (via DCONT2) Returns 0xC0000234
10/08 11:58:50 [LOGON] DOMAIN: SamLogon: Transitive Network logon of DOMAIN\bcocozul from W7x64PC (via DCONT2) Entered
10/08 11:58:50 [LOGON] DOMAIN: SamLogon: Transitive Network logon of DOMAIN\bcocozul from W7x64PC (via DCONT2) Returns 0xC0000234
Any suggestions are greatly appreciated