Windows – 域帐户使用正确的密码每隔几分钟保持锁定

我有用户谁的帐户正在保持锁定每30分钟.完成所有检查,删除任何缓存密码,创建新的配置文件,从IE删除密码.

即使用户正在使用他的帐户,他也会锁定(他已登录)

检查20台服务器后,我发现他们是服务运行,导致他的帐户锁定我想.

675,AUDIT FAILURE,Security,Thu Dec 16 07:54:04 2010,NT AUTHORITY\SYSTEM,Pre-authentication Failed:     User Name:  userid     User ID:  %{id}     Service Name:  krbtgt/DOMAIN     Pre-Authentication Type: 0x2     Failure Code:  0x12     Client Address:  IP address

有谁知道这是什么

krbtgt/DOMAIN     
Key Distribution Center Service Account

有些人可以向我解释一下为什么会发生这种情况,以及我如何解决这个问题.

675,Fri Dec 24 09:13:01 2010,Pre-authentication Failed:     User Name:  user_id    User ID:  %{id}     Service Name:  krbtgt/Domain     Pre-Authentication Type: 0x2     Failure Code:  0x12     Client Address:  172.16.5.1    
675,Fri Dec 24 08:49:06 2010,Pre-authentication Failed:     User Name:  user_id    User ID:  %{id}     Service Name:  krbtgt/Domain     Pre-Authentication Type: 0x2     Failure Code:  0x12     Client Address:  172.16.5.102    
644,AUDIT SUCCESS,User Account Locked Out:     Target Account Name: user_id    Target Account ID: %{id}     Caller Machine Name: UKNML3266     Caller User Name: LONDON$    Caller Domain: Domain     Caller logon ID: (0x0,0x3E7)    
675,Pre-authentication Failed:     User Name:  user_id    User ID:  %{id}     Service Name:  krbtgt/Domain     Pre-Authentication Type: 0x2     Failure Code:  0x18     Client Address:  172.16.5.102    
675,Fri Dec 24 08:46:28 2010,Pre-authentication Failed:     User Name:  user_id    User ID:  %{id}     Service Name:  krbtgt/Domain     Pre-Authentication Type: 0x2     Failure Code:  0x18     Client Address:  172.16.5.8    
675,Pre-authentication Failed:     User Name:  user_id    User ID:  %{id}     Service Name:  krbtgt/Domain     Pre-Authentication Type: 0x2     Failure Code:  0x18     Client Address:  172.16.5.8    
c:\sc0472\LONDON-Security_LOG.txt contains 8 parsed events.

从 http://social.technet.microsoft.com/Forums/en/w7itprosecurity/thread/e1ef04fa-6aea-47fe-9392-45929239bd68尝试这个解决方案

Microsoft Support found the problem for us. Our domain accounts were
locking when a Windows 7 computer was started. The Windows 7 computer
had a hidden old password from that domain account. There are
passwords that can be stored in the SYSTEM context that can’t be seen
in the normal Credential Manager view.

Download PsExec.exe from 07001 and copy
it to C:\Windows\System32.

From a command prompt run: psexec -i -s -d cmd.exe

From the new DOS window run: rundll32 keymgr.dll,KRShowKeyMgr

Remove any items that appear in the list of Stored User Names and Passwords. Restart the computer.

Windows – 域帐户使用正确的密码每隔几分钟保持锁定

猜你在找的Windows相关文章