Some users are locked when trying to log on with their (domain) laptop

Hilko van Dijk | VCS Observation 0 Reputation points


I have a number of users in our AD domain; these users are blocked while trying to log in to their laptop at the first attempt. The moment they are logged in, they are not bothered by it nor locked out, but this only happens when they have locked their laptop and want to log in again when it is "automatically" locked in the background. They get the message "the account referred to is currently locked, and registration is not possible". I don't see this back in our AD server that they are locked, so it only seems to occur locally. But it seems to come from a domain policy or other.

It mainly happens when they are actively present in the network. They can get around it by disconnecting the network and logging in "locally". Then do a "gpupdate /force" to get their drive mapping back.

It also doesn't happen to all users in the domain, only for some users. If I filter on the properties of ID 4740 via PS on the domain server, it happens very often per day for this user. Sometimes a lot and sometimes not for a long period, but several times a day. I also took a screenshot. I also don't see a source host associated with the user.

I have already tried different solutions such as deleting saved credentials. Also the laptop of 1 colleague has already been re-installed with Windows 11.
I don't know how to proceed to find a solution, hopefully someone can help?

**Excuse my English if the problem is not clear enough; please don't hesitate to ask again. :)

Regards, Hilko
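
Added example, not part of the original post or the answer: when event 4740 carries no source host, as described above, the failed logons that preceded the lockout (4771 for Kerberos, 4776 for NTLM) can name the client instead. The function below extracts that field from the XML of each event type. The sample events, the user `jdoe`, the address and the workstation name are constructed, and it is assumed that failure auditing for these events is enabled on the domain controllers.

```powershell
# Added example: report where bad-password attempts for a user came from,
# using the EventData fields of Security events 4740, 4771 and 4776.
function Get-LockoutSource {
    param(
        [Parameter(ValueFromPipeline)][string]$EventXml,
        [string]$User
    )
    process {
        $e = ([xml]$EventXml).Event
        $d = @{}
        foreach ($n in $e.EventData.Data) { $d[$n.GetAttribute('Name')] = $n.InnerText }
        if ($User -and $d['TargetUserName'] -ne $User) { return }
        $id = [int]$e.System['EventID'].InnerText
        $source = switch ($id) {
            4740 { $d['TargetDomainName'] }  # displayed as "Caller Computer Name"
            4771 { $d['IpAddress'] }         # Kerberos pre-authentication failed
            4776 { $d['Workstation'] }       # NTLM credential validation
        }
        if (-not $source) { $source = '(empty)' }
        [pscustomobject]@{
            Time    = $e.System.TimeCreated.SystemTime
            EventId = $id
            User    = $d['TargetUserName']
            Source  = $source
            Status  = $d['Status']           # 0x18 / 0xC000006A = bad password
        }
    }
}

# Constructed sample events (trimmed to the fields used above).
$tpl = '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><EventID>{0}</EventID><TimeCreated SystemTime="{1}"/></System><EventData>{2}</EventData></Event>'
$sample = @(
    $tpl -f 4771, '2024-01-15T08:02:05Z', '<Data Name="TargetUserName">jdoe</Data><Data Name="IpAddress">::ffff:192.0.2.45</Data><Data Name="Status">0x18</Data>'
    $tpl -f 4776, '2024-01-15T08:02:08Z', '<Data Name="TargetUserName">jdoe</Data><Data Name="Workstation">LAPTOP-EXAMPLE</Data><Data Name="Status">0xC000006A</Data>'
    $tpl -f 4740, '2024-01-15T08:02:11Z', '<Data Name="TargetUserName">jdoe</Data><Data Name="TargetDomainName"></Data>'
)
$sample | Get-LockoutSource -User 'jdoe' | Sort-Object Time | Format-Table -AutoSize

# Live use on a domain controller instead of the sample data:
# Get-WinEvent -FilterHashtable @{LogName='Security'; Id=4740,4771,4776; StartTime=(Get-Date).AddDays(-1)} |
#     ForEach-Object { $_.ToXml() } | Get-LockoutSource -User 'jdoe'
```

A 4740 row with an empty source next to 4771 or 4776 rows that name an address or workstation shows which client sent the failing credentials shortly before the lockout.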


1 answer

  1. Dave Patrick 426.1K Reputation points MVP

    But it seems to come from a domain policy

    Try creating a new container without any policy applied and also a new user outside of any policy for testing.

    --please don't forget to upvote and Accept as answer if the reply is helpful--