acct lockouts after changing passwords

B

Bobby

I have a handful of users that when they change their
domain password, their accounts get locked out quite
frequently.
Our passwords are set to expire every 90 days. When they
are prompted to change them, they do so successfully.
After that, whenever they try to log on to any machine,
their acct is locked out.

I have searched the event logs and keep coming across
event ID 676:
Authentication Ticket Request Failed:
User Name: XXXXX
Supplied Realm Name: domain.COM
Service Name: krbtgt/domain.COM
Ticket Options: 0x40810010
Failure Code: 0x12
Client Address: 127.0.0.1
(The client address isn't always 127.0.0.1.).
I've already searched eventID.net, the results weren't
much help.

Anyone seen this before?
I would apperciate any help!
Bobby
 
J

jack

We have this problem often. Normally the user has just changed their
password and they are logged on at another machine. Or the may have used
their old credentials to map a network drive somewhere. We have even found
that some users have used their personal account as a service account to
start services on a server. All of these can create the lockout problem.
Check the event log on your DC and see where the lockout is coming from.
You will normally find that it is coming from more than one machine. They
just need to make sure their old credentials are not being used anywhere in
the domain.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Events 675 676 677 1
All domain Accounts being locked out 4
unexplained lockouts 5
Event ID 676 Logged 1
Event 676 with unknown user name 3
Event ID 676 5
Re-occuring Administrator User Account Lockout 7
AUDIT FAILURE 1

Top