Share via

Service account for Application Getting locked

Lazy Bee 0 Reputation points
2026-02-06T17:57:52.0566667+00:00

We have Provided hosted application called NewArc which has dependencies on Sharepoint Farm. It is hosted in IIS. Now we are shifting it to Standalone server as standalone application. But the service account we have used to configure the application is getting locked after every 5mins. As a result we are facing error which running the application and site. We tried to find out if any jobs or services or iis using old password but No luck, as we updated the new password everywhere. Could anybody help or guide.

Microsoft 365 and Office | SharePoint Server | For business
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Austin-H 8,335 Reputation points Microsoft External Staff Moderator
    2026-02-06T23:49:56.88+00:00

    Hi @Lazy Bee 

    Thank you for posting your question in the Microsoft Q&A forum. 

    When an account locks out every few minutes, it typically indicates that a service or process is still attempting to authenticate using outdated credentials.

    Here are some steps to investigate: 

    1.Identify the source of bad logons 

    -On a Domain Controller, check Security logs for Event ID 4740 (Account locked out). 

    -This event shows the caller computer name and sometimes the process/service. 

    -If you don’t see 4740, confirm Account Lockout auditing is enabled in Group Policy. 

    2.Check common places that still use old credentials: 

    IIS Application Pools 

    -Even if credentials were previously updated, verify all application pools: 

    IIS Manager > Application Pools > Advanced Settings > Identity  

    -Re-enter the password and restart the application pool.

    Windows Services 

    -Services may retry authentication at regular intervals.

    -Run in PowerShell: 

    Get-CimInstance Win32_Service | Where-Object { $_.StartName -like "*ServiceAccountName*" } | Select Name, StartName  

    -Update credentials and restart affected services. 

    Scheduled Tasks 

    -Review Task Scheduler (including hidden tasks) for tasks running under the service account.

    -Or via PowerShell: 

    Get-ScheduledTask | Where-Object { $_.Principal.UserId -like "*ServiceAccountName*" }  

    -Update credentials or disable outdated tasks. 

    Stored Credentials (Credential Manager) 

    Control Panel > Credential Manager > Check Windows Credentials and Generic Credentials > Remove anything referencing SharePoint, SQL, IIS, or old servers. 

    3.SharePoint remnants 

    If the account was tied to a SharePoint farm: 

    -Old farm servers may still be calling endpoints or running timer jobs. 

    -Review SharePoint ULS logs around lockout times. 

    -Check SQL connection strings in web.config or appsettings.json. 

    -Verify SQL Agent Jobs aren’t using the outdated account. 

    I hope this helps. 

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".   

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.  

    1 person found this answer helpful.
  2. Q&A Assist
    2026-02-06T17:58:01.71+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    It sounds like the service account for your application is experiencing a password mismatch issue, which can lead to it being locked out. Here are some steps you can take to troubleshoot and resolve the issue:

    1. Check for Password Mismatch: Ensure that the password for the service account is correctly updated in all locations where it is used, including IIS, SharePoint service accounts, and any scheduled tasks or services that might be using the old password.
    2. Active Directory Account Lockout: Investigate if there are any systems or services that might still be trying to authenticate using the old password. This could include old application pools, scheduled tasks, or other services that have not been updated.
    3. Audit Account Lockouts: Use Active Directory tools to audit the account lockouts. This can help identify which system is causing the account to lock out. You can enable auditing on the domain controller to track failed logon attempts.
    4. Service Account Permissions: Ensure that the service account has the appropriate permissions and is not being used in a way that could cause it to lock out due to incorrect password attempts.
    5. Update Password via PowerShell: If you suspect a password mismatch, you can use PowerShell to update the service account password. Make sure you have the necessary permissions to do this.
    6. Check Timer Service: If you are using SharePoint, ensure that the Timer Service is running properly, as it can affect service account provisioning.

    By following these steps, you should be able to identify the cause of the account lockouts and resolve the issue.

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.