The correct solution to this is to use separate service accounts for each service so that you are able to identity which service is the issue. Using a single account for everything leaves you open to significant risk should that account be breached or, as you have seen here, there are password issues.
Azure AD DS showing DC name instead of VM as Source Workstation
Hi,
I have Azure AD and AD DS deployed.
Multiple services on multiple VMs use a single account to access services. The problem is, if a single service has a bad password (for whatever reason) it causes a lockout of the admin account and blocks all other VMs. I need to be able to track the faulty VM.
My issue is, that the Logs do not show the "Source Workstation" being the faulty VM, but the AD DS DC that's in front of it:
Is that a bug, or do I have something not set up correctly? How to track the source of bad-password requests?
What i am doing right now, is switching the VMs off and checking if the requests stop - but this is no long-term solution.