Hi,
Thank you for asking this question on the Microsoft Q&A Platform.
As per the logs it is 0X18 and preauthentication failed so I guess you will have to check the event logs on the device and see if there is any services or tasks running that is causing the lockouts? Also can you check the pwdHistoryLength is at least 2, an authentication attempt with the previous password in password history will not increment the badPwdCount, and so will not cause a lockout.
Details of the event ID - event.aspx
Check this and verify the settings please 32490.active-directory-bad-passwords-and-account-lockout.aspx
==
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.