Windows – Local Logon via Remote Desktop Causes Domain Account Lockout


According to the Security Event Log, the key issue is that the local account authentication occurred on the domain controller. Afterwards, the domain account of the same name was locked out. The domain account lockout problem kept happening until we connected to the same server using RDP again.

The following is the event sequence:
1. RDP to the server using the local user (server name\user name).
2. Run a scheduled task on the server in Task Scheduler.
3. Open a command prompt as the same local user and run the executable as specified in the scheduled task.
4. Close the command prompt and then the RDP session.
5. The domain user of the same name was locked out.

Server: Windows Server 2012 Standard

Please help.

Regards,
Wilson

Best Answer

This thread contains some solutions that may help:

  1. Running rundll32 keymgr.dll,KRShowKeyMgr under the local user and the local system account (with psexec) and clearing stored passwords. Running control userpasswords2 may help to find stored passwords too.

  2. Searching for mapped drives or printers, or tasks in Task Scheduler under the domain user name, and removing them, if any.

  3. IE or Windows Update may cause a lockout while authenticating on a proxy or downloading wpad.pac.

  4. Something in the system that is still unknown, for example, a lockout on just pressing Ctrl-Alt-Del.

However, there is no silver bullet, and none of these solutions helps everyone, and, unfortunately, they did not help me either.

PS: In all scripts, etc., where the user name is provided in clear text (not in Task Scheduler and so on, where it is resolved to a SID after clicking OK), please make sure that the local user name is typed like 'COMPUTER\Username' or '.\Username' and NOT like 'Username', without explicitly typing the logon authority. Silly, but that may be the point.
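
The checks from items 1 and 2 and the PS above can be collected in one pass on the affected server. The following is an added example, not code from the thread; the `$UserName` parameter and the `Get-AuthorityKind` helper are hypothetical names, and the script assumes PowerShell 3.0 or later (as shipped with Windows Server 2012).

```powershell
# Added example: list places where the shared account name is stored or used.
# $UserName is the name common to the local and the domain account (assumption).
param(
    [Parameter(Mandatory = $true)]
    [string]$UserName
)

# Hypothetical helper: classify how an account string names its logon authority.
function Get-AuthorityKind([string]$Account) {
    $localPrefix = '^(\.|' + [regex]::Escape($env:COMPUTERNAME) + ')\\'
    if ([string]::IsNullOrEmpty($Account)) { return 'None' }
    if ($Account -match $localPrefix)      { return 'Local' }
    if ($Account -match '\\|@')            { return 'Domain or other' }
    return 'Unqualified'   # no authority typed, the case the PS warns about
}

# Match "user", "AUTHORITY\user" and "user@domain", but not longer names.
$namePattern = '(^|\\)' + [regex]::Escape($UserName) + '(@|$)'

# 1. Stored credentials of the account running this script
#    (the same store that keymgr.dll displays).
$stored = cmdkey /list |
    Select-String -Pattern $UserName -SimpleMatch -Context 2, 1

# 2. Mapped drives and printer connections made with that name.
$connections = Get-CimInstance -ClassName Win32_NetworkConnection |
    Where-Object { $_.UserName -match $namePattern } |
    Select-Object LocalName, RemoteName, ResourceType, UserName,
        @{ Name = 'Authority'; Expression = { Get-AuthorityKind $_.UserName } }

# 3. Scheduled tasks whose principal carries that name. Task Scheduler
#    stores a SID, so confirm the owning account in the task properties.
$tasks = Get-ScheduledTask |
    Where-Object { $_.Principal.UserId -match $namePattern } |
    Select-Object TaskPath, TaskName,
        @{ Name = 'RunAs'; Expression = { $_.Principal.UserId } }

'--- Stored credentials (cmdkey /list) ---'
if ($stored) { $stored } else { 'none found for this account' }
'--- Network connections ---'
if ($connections) { $connections | Format-Table -AutoSize } else { 'none found' }
'--- Scheduled tasks ---'
if ($tasks) { $tasks | Format-Table -AutoSize } else { 'none found' }
```

The stored-credential check only covers the account that runs the script, so it has to be repeated for each account of interest, including the local system account as item 1 describes.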