Domain accounts getting locked by Entourage?

T

trlblzr

Hi,

I've seen a whole lotta posts about this, dating back years, but not
any solution. I've got some users whose Macs are bound to Active
Directory, using Tiger 10.4.5, Entourage 11.2.3 and a Win2k AD. At
random times, their domain accounts become locked out for no apparent
reason. It's not every user, only a select few. One of them was even
locking out before the Mac was bound to AD. Microsoft tech support was
absolutely no help. Has anyone found the solution/cause for this?

Thanks in advance!

Jason
 
A

Andy Ruff

It might be that an incorrect password attempt either by the user,
Entourage, or the Mac OS resulted in an account lock-out. Not sure, but
it's probably a good start for looking into.

-Andy


--
Andy Ruff
MacBU Program Management
Entourage Weblog: http://blogs.msdn.com/entourage/

This posting is provided ³AS IS² with no warranties, and confers no rights.
 
T

trlblzr

It's not a password issue that we can find... I sent several logs to
Microsoft and they couldn't really tell me anything useful. All the
passwords that are stored in the keychain are correct. There's never
any chance for the user to type in an incorrect password, since it's
stored. I've deleted keychains and reset everything to default in my
troubleshooting attempts, but nothing really helped. I'm stumped!
 
A

Andy Ruff

Hmm, not sure then. The only issues I've heard of account lock-outs being
caused by Entourage were the result of several password failures. Outside
of auth, there's very little interaction between Entourage and your AD
structure, everything else is essentially read-only look-ups via LDAP or
routed through the Exchange server.

-Andy


It's not a password issue that we can find... I sent several logs to
Microsoft and they couldn't really tell me anything useful. All the
passwords that are stored in the keychain are correct. There's never
any chance for the user to type in an incorrect password, since it's
stored. I've deleted keychains and reset everything to default in my
troubleshooting attempts, but nothing really helped. I'm stumped!
Click to expand...

--
Andy Ruff
MacBU Program Management
Entourage Weblog: http://blogs.msdn.com/entourage/

This posting is provided ³AS IS² with no warranties, and confers no rights.
 
B

Barry Wainwright [MVP]

I have also encountered 'mailbox locks' when a connection is unexpectedly
terminated (maybe by network problems) and the mail server thinks you are
still connected. Normally this times out - usually in some period between 10
minutes and half an hour.
 
E

Entourage Help

I have also found some very interesting items with AD and passwords.

If a Macintosh user is required to reset their password for AD and does
so from a Macintosh, then there are lots of situations which don't
cause both of the Windows password databases to be reset (thereby not
allowing the other type of authentication to work). A Windows AD reset
of the password to forces both windows password databases to be reset
(commonly after Entourage tries to authenticate improperly 3 times and
locks them out).

Other symptoms can be Windows Group Policies and windows logon scripts
don't work(of course from a PC) yet they can logon to the domain -
until that password is reset via a Windows authentication application.
 
T

trlblzr

Update:

After more than a week of testing, I have not had the problem with a
Mac user bound to AD and running only Entourage with SP1, leading me to
believe that the problem lies with something in SP2. Can anyone
corroborate this?

Thanks,

Jason
 
Top