Our organization is using external LDAP authentication on the K1000 and having some trouble with incorrect logins to the admin portal.  When an incorrect password is entered at kbox login, the admin account that is being used gets locked out because the kbox accesses multiple domain controllers.  I have verified this in the domain controllers event viewer security logs.  This does not happen in the user portal.  The current scenario is that typing one incorrect password into the kbox locks out the admin account on the domain, which is not good.

Domain Controllers are running Server 2008 R2 -- K1000 version 5.2.38773

Has anyone else run into this issue?

0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Answers

1

hmm... That doesn't make sense... How many different ldap queries are you running?

Answered 04/26/2012 by: dchristian
Red Belt

  • We do have separate LDAP queries for users and domain admins (using two DCs). I thought the extra queries might be the issue, but even when leaving just a single domain-wide query for a single DC the issue persists. The strangest thing is that the DC that tries the third time and locks the account is not listed anywhere on the kbox. It seems that the authentication request is hitting every DC with the bad password until a lockout occurs.
Please log in to comment
Answer this question or Comment on this question for clarity