Repeated account lockout after password change

[Paresh]

We have five domain controllers in our environment running
windows2000 sp3. Every now and again when a user changes
their password. after this has happened their user account
will randomly lock itself even though the user is logged
in. Was wondering if anyone has come across this before

 

[Jody Flett [MSFT]]

Hi Paresh

Replication latency can cause issues with newly changed passwords and
accounts getting locked out. SP4 attempts to address these issues by
implemeting a n-2 policy for passwords. ie. it will not increment the bad
password counter if the user types in their last 2 passwords accidentally.

A referral to the PDCe should stop a user getting locked out even if
replication has not occurred unless you have avoidPDConwan set.

Take a look at the account lockout troubleshooting whitepaper for loads of
information in relation to account lockouts and how to identify the cause:
http://www.microsoft.com/technet/tr...ndowsserver2003/maintain/operate/BPACTLCK.asp

Also here is the lockout tools download location:
http://download.microsoft.com/download/1/f/0/1f0e9569-3350-4329-b443-822976f29284/ALTools.exe

Take a look at the following article for details of the latest fixes that
can be applied for known lockout issues:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;817701

Cheers

Jody