Help

iMac causing AD account to Lock everyday.

Towse765
New Contributor

Posted on ‎12-18-2018 03:41 AM

Hi all, we are experiencing issues with some Active Directory accounts locking when they come to log into the machine their account is locked. Just for a bit of content our iMacs have DeepFreeze enabled on them so the rules out keychain and they also reboot every night. Any suggestions would be greatly appreciated.

0 Kudos
Reply
4 REPLIES 4

AVmcclint
Honored Contributor

Posted on ‎12-18-2018 03:45 AM

If the user's home folder is included in the freeze, then it's possible that the passwords stored in the frozen keychain could be sending old credentials.

0 Kudos
Reply

Towse765
New Contributor

Posted on ‎12-18-2018 04:38 AM

The Macs are Frozen in a Blank state with no user profiles so when the user logs in it will create an account for them until it is restarted which is done on a schedule every night.

0 Kudos
Reply

sshort
Valued Contributor

Posted on ‎12-18-2018 06:24 AM

Do you have a reason to suspect it's the iMac itself that's causing the lockouts? If you have a tool like AD Audit (or others) you can determine the device or IP where the lockout is occuring. Are the users setting up email or other services on phone or other devices that might be causing the lockout?

0 Kudos
Reply

Towse765
New Contributor

Posted on ‎12-18-2018 07:41 AM

We suspect this due to running a script that can find were the account is locked out from. Users are not able to attach their account to any mobile device due to security. When we run the script with a windows machine it will display the hostname. However with a iMac it does not show anything. Some of the accounts that are reporting this issue and newly set up accounts

0 Kudos
Reply