User Account lockouts
Since pushing out the agents to our pc's, user accounts keep locking out in AD. We have 100 nodes connected with our current license. but have been pushing the agent out to more via subnet provisioning. It appears that the users who are not part of the 100 licensed nodes are the one who's accounts are constantly locking out.
Considering provisioning asks you for an account to use for agent installing, I have no idea why this is happening. I know that it is the K BOX because after switching it off, the accounts don't lock out, until it is switched on again.
Has anybody else had this issue? or any idea what is causing it?
Considering provisioning asks you for an account to use for agent installing, I have no idea why this is happening. I know that it is the K BOX because after switching it off, the accounts don't lock out, until it is switched on again.
Has anybody else had this issue? or any idea what is causing it?
0 Comments
[ + ] Show comments
Answers (4)
Please log in to answer
Posted by:
jkatkace
14 years ago
Is it when you turn on provisioning that the lock-out occurs? And when you turn off provisioning, the lock-out happens again?
How many provisioning runs do you have? How often do each of them run? What kind of account are you using for the provisioning? Are there any messages in the security logs on your domain controller?
How many provisioning runs do you have? How often do each of them run? What kind of account are you using for the provisioning? Are there any messages in the security logs on your domain controller?
Posted by:
crashnburn
14 years ago
It does appear to be when provisioning is running that the accounts lock. I have disabled the provisioning and I do not appear to see any lockouts as of yet.
I have three runs, subnet 203 runs every 3 hours, 204 runs every 1 hour and 205 runs every 2 hours. the account that is used for each of these is a domain administrator account I created.
The security logs do not show anything.
Thanks
I have three runs, subnet 203 runs every 3 hours, 204 runs every 1 hour and 205 runs every 2 hours. the account that is used for each of these is a domain administrator account I created.
The security logs do not show anything.
Thanks
Posted by:
airwolf
14 years ago
This is an interesting issue. It would make sense if the domain admin accounts were being locked out due to an incorrect password, but I have no idea how provisioning could possibly affect user accounts. Have you figured this issue out?
Posted by:
jg1000c
14 years ago
I encountered a similar issue with our service account locking when we enabled client upgrades for a specific group of machines. Did you look at event viewer on the user's machines that keep getting their account locked?
Rating comments in this legacy AppDeploy message board thread won't reorder them,so that the conversation will remain readable.