You don't happen to be behind a server group having 3 or more servers are you?? I cannot really confirm it but it might be possible that the AR Client is designed to try the next server if it doesn't get into the first one and so on.. until it fails on 3 or more thus invalidating the user on AD with 3 bad password attempts...
Just a thought... Joe ----- Original Message ---- From: John Hanson <[EMAIL PROTECTED]> To: [email protected] Sent: Wednesday, February 28, 2007 5:55:24 PM Subject: Locking out AD accounts ** Hello all, Since we upgraded to 6.3 I've been getting several reports from users who say that their active directory accounts are being locked out after a single bad password attempt, whereas in the previous version this was not the case. We're using the same AREA LDAP integration now that we did before, but it seems that in 6.3 Remedy tries to contact the LDAP server several times instead of just once. Does anyone know of a configuration setting that I can add that would prevent it from making so many attempts? I found something of use in a KB article for version 5.1.2, but it doesn't seem to apply hereĀ : It is recommended that users use 5.0.1 patch 1136 or higher of the client User Tool because it fixes a problem where if the user enters in the wrong password, the unpatched version keeps trying to login the user 5 times. Most customers have a rule set up to lock out a users account if they try three times without entering in the correct password. Therefore, the unpatched user tool can lock out a user's NT account if they make one mistake on the password. Any thoughts are appreciated. ARS 6.3 p18 Solaris 9 Oracle 9.2 Thanks!! John Hanson Remedy Administrator/Developer The Standard 1100 SW Sixth Avenue Portland, OR 97204 Telephone (971) 321-7153 [EMAIL PROTECTED] ____________________________________________________________________________________ Sucker-punch spam with award-winning protection. Try the free Yahoo! Mail Beta. http://advision.webevents.yahoo.com/mailbeta/features_spam.html _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
