User account getting locked out

M

Marvin

We have a domain user that randomly has his account locked
out. This started when we implemented a domain policy
requiring complex, minimum 6 character passwords. The
user meets all these requirements and still are getting
locked out. He is not running any services anywhere with
his old domain credentials, so what would cause this??
Event log shows event id 40960. "The Security System
detected an attempted downgrade attack for server
LDAP/servername. The failure code from authentication
protocol Kerberos was "The user account has been
automatically locked because too many invalid logon
attempts or password change attempts have been requested.
(0xc0000234)".

Thanks,
MH
 
T

Tony Talmage

Check your Account Lockout Policy to see what the threshold is for failed
attempts; you may need to increase it if this user has difficulty typing his
password.

--
Tony Talmage
Web Developer
Graphic Education Corporation
http://www.graphiced.com
(888) 354-6600
 
D

Dad2ten

Also create a "Password reset disk". The user can do this from Control
Panel/user accounts/related tasks/prevent a forgotten password.
Jerry
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Event ID 40960 & 40961 1
Event ID 40960 1
Event ID 40960 + 40961 / SPNEGO 5
Windows 2000/XP gets locked out 2
Domain user account gets locked out 2
Account locked out 2
downgrade attack 1
LsaSrv errors causing account lockout 0

Top