Persistent lockouts

Andrew H 0 Reputation points
2023-10-12T22:02:26.31+00:00

Persistent lockouts

I deployed a new computer to a end user and now I am dealing with a persistent lockout issue. It seems to be related to Remote Desktop. I have performed the following steps:

-Cleared Credential Manger

-Verified no saved passwords in Microsoft Edge & Google Chrome

-Revoked 2FA token

-Signed out of all sessions

-Force log out of Remote Desktop

-Monitor sign in logs

-Checked Lockoutstatus.exe for server

-Checked Event Viewer for the server mentioned in Lockoutstatus.exe (e.g. event 4740)

-Installed the latest Windows Updates and Dell SupportAssist Driver updates

-Updated RemoteApps

-gpupdate /force

-Sync via Settings app

-Instructed the end user to signout instead of closing the window

The end user is locked out very approximately every hour. I am running out of ideas. Is there anything I missed? I don't have too much experience with Remote Desktop, but is there a way for an admin for force the log out? I reached out to a co-worker. I was told it was performed, but it did not resolve the issue.

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
10,763 questions
Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,824 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,962 questions
Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
4,283 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Gary Reynolds 9,391 Reputation points
    2023-10-24T01:07:50.3+00:00

    Have a look at this post, if the account is being locked by a remote session the report will include the machines in the authentication path, which might help identify which machine the invalid authentication request is coming from. https://nettools.net/troubleshoot-account-lockouts/

    0 comments No comments

  2. Andrew H 0 Reputation points
    2023-10-24T15:17:41.0833333+00:00

    Thank you for the response. I will check out the article and give it a try.

    0 comments No comments