The referenced account is currently locked out and may not be logged on to

Question

The referenced account is currently locked out and may not be logged on to

Anonymous

Created a Azure ADDS (followed link -> https://learn.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-create-instance ))
Created a VM on windows server (followed link -> https://learn.microsoft.com/en-us/azure/active-directory-domain-services/join-windows-vm ))

Then connected to the VM using RDP
But while connecting to domain when we enter credentials, we get an error saying "The referenced account is currently logged out, and may not be logged on to."

I have attached the screenshot of the error.

We tried deleting MicrosoftTeams-image (1)

the VM and creating new VM, also changing the account lockout threshold policy.

christopher hauck 20 Reputation points

2024-01-10T06:09:16.48+00:00

yeah, literally not the only reason
been getting this lie of an issue for months now with my 100% personal network share with this popup happening every time I reboot a device connected to the share

the only reason it should lockout an account because of connection issues is wrong password(dns settings should not factor in since it should just say "wait till later since we can't connect to microsoft to verify the password right now"), but that literally can't be the case since it was connected and working 100% prior to reboot, and it locks out after reboot, almost like it tries to connect before the boot finishes initializing the network stack, a clear bug

3 answers

Your answer

christopher hauck 20 Reputation points

2024-01-10T06:09:16.48+00:00

yeah, literally not the only reason
been getting this lie of an issue for months now with my 100% personal network share with this popup happening every time I reboot a device connected to the share

the only reason it should lockout an account because of connection issues is wrong password(dns settings should not factor in since it should just say "wait till later since we can't connect to microsoft to verify the password right now"), but that literally can't be the case since it was connected and working 100% prior to reboot, and it locks out after reboot, almost like it tries to connect before the boot finishes initializing the network stack, a clear bug

Answer 1

Marilee Turscak-MSFT 37,206 Microsoft Employee Moderator

@Anonymous ,

In addition to being thrown by the account lockout threshold policy, this is a Windows error that typically occurs when a password is repeatedly entered incorrectly, when there are expired passwords, or if there are incorrect DNS settings.

In your case it sounds like there could be a device or service using old credentials that keeps using the old password and trying to log in. You should be able to verify this by checking the event log on the server.

In addition, you can try these steps to resolve the error:

Follow the steps to unlock the user account and confirm if there are any policies that could be locking out the account: https://docs.microsoft.com/en-us/azure/active-directory-domain-services/troubleshoot-sign-in.
Create a new user account and use it to log in to the domain.
Check the DNS settings as described here.

I've moved this post to the Windows section of Q&A, but let me know if you still run into the issue after trying these steps.

If the information helped you, please Accept the answer. This will help us as well as others in the community who may be researching similar issues.

christopher hauck 20 Reputation points

2024-01-10T06:11:00.2033333+00:00

yeah, literally not the only reason
been getting this lie of an issue for months now with my 100% personal network share with this popup happening every time I reboot a device connected to the share

the only reason it should lockout an account because of connection issues is wrong password(dns settings should not factor in since it should just say "wait till later since we can't connect to microsoft to verify the password right now"), but that literally can't be the case since it was connected and working 100% prior to reboot, and it locks out after reboot, almost like it tries to connect before the boot finishes initializing the network stack, a clear bug that to be fixed
christopher hauck 20 Reputation points

2024-01-10T06:11:39.98+00:00

yeah, literally not the only reason
been getting this lie of an issue for months now with my 100% personal network share with this popup happening every time I reboot a device connected to the share

the only reason it should lockout an account because of connection issues is wrong password(dns settings should not factor in since it should just say "wait till later since we can't connect to microsoft to verify the password right now"), but that literally can't be the case since it was connected and working 100% prior to reboot, and it locks out after reboot, almost like it tries to connect before the boot finishes initializing the network stack, a clear bug that must be fixed

Answer 2

Craig Nicholas 0

I had a similar problem. I got this message which occurs before prompted to authenticate. I disabled IPv6 in the VM and on the physical server that provided a share and then I was prompted to log in.

christopher hauck 20 Reputation points

2024-02-21T14:39:49.1733333+00:00

sadly irrelevant to my situation, 0% virtual, I have a win-10 "server" and wind 10 "client" on the SAME subnet, the issue is due to Microsoft coding the share reconnect to happen before netcode is fully ready, causing the microsoft account login to fail, but rather than fail with a specified "can't verify" error it fails with a "wrong password" error
they need to enforce a netcode wait into any logins involving online authentication, if it can't connect to a server it is impossible to say honestly if the password is wrong, so don't lie and say it is

Answer 3

it seems like the only valid solution is to never use microsoft accounts in "automatic reconnect" mode
the code for reconnecting network shares ignores if a connection is valid or not, so instead of saying "can't verify the login details, wait 30 seconds and try again" it just lies in a lazy manner and says "wrong password" which incorrectly trips brute force connection protections
the only way to ensure this doesn't happen is to create a local login that may or may not be given a desktop via policies, then exclusively use that login for network shares and possible other RDP type utilities(like my megaraid management software for instance)
maybe if microsoft actually listened to user feedback they would never have created any OS after windows 7(windows 8 was a decent idea but should have only existed as 8.1 because the metro theme was worthless if you installed it on a desktop, and edge was doomed to be rejected by power users because built-in browsers are permanently tarnished in all eyes)
but microsoft doesn't care what the end-user thinks, they will pretend like they know why updates were often ignored for months on end, despite their reason being 100% false

we ignored updates 10 years ago because some of us didn't have broadband, and SSD's were not cheap yet so the performance hit was unacceptable and you demand a reboot for everything when you can just selectively restart the affected services
but they won't look at the reasons stuff is broken, they will pretend like it is something else that is clearly isn't

Share via

The referenced account is currently locked out and may not be logged on to

3 answers

Your answer