I believe when you unlock, the workstation will use cached authentication unless otherwise specified, so I'm not surprised that she could unlock. Something or someone is entering her username and an invalid password. Have you checked for scheduled tasks and what not? Ray at work -----Original Message----- From: Farrugia, Paul [mailto:pfarrugia@xxxxxxxxxxxx] Sent: Wednesday, August 06, 2003 2:16 PM To: windows2000@xxxxxxxxxxxxx Subject: [windows2000] Re: Account Lockouts Thanks for all the help.....it just happened again.....the user was logged onto the network, locked her pc and went to lunch....when she came back she unlocked her pc and was able to continue but when she opened outlook it asked for username, password and domain.....i checked her account and saw that she was once again locked out..... -----Original Message----- From: Lane, Mark [mailto:MDL@xxxxxxxxxxxxxxxxx] Sent: Wednesday, August 06, 2003 9:29 AM To: 'windows2000@xxxxxxxxxxxxx' Subject: [windows2000] Re: Account Lockouts One problem is that Windows 2000 will try kerberos authentication, and if unsuccessful, will then try NTLM authentication. Each bad password entry counts as 2 failed attempts. -----Original Message----- From: Farrugia, Paul [mailto:pfarrugia@xxxxxxxxxxxx] Sent: Wednesday, August 06, 2003 8:11 AM To: windows2000@xxxxxxxxxxxxx Subject: [windows2000] Account Lockouts Hi, Has anyone ever experienced this before? I have two users that have been getting locked out while already logged onto the network. I also watched another user enter their password incorrectly just one time and get locked out. Our account policy has a three failed attempts before lockout rule. They are all on Windows 2000 Pro workstations and we are using Windows 2000 servers. Thanks in advance for any help. Paul. By the way should we be using this list or the Tropicana list? ********************************************************************************************************** The information contained in this e-mail message is intended only for the personal and confidential use of the recipient(s) named above. Distribution, publication, or retransmission of this message is strictly prohibited. This message may be a bank to client communication and as such is priviliged and confidential. If the reader of this message is not the intended recipient or an agent responsible for delivering it to the intended recipient, you are hereby notified that you have received this document in error and that any review, dissemination, distribution, or copying of this message is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail, and delete the original message. The sender of this e-mail specifically "opts-out" of the Electronic Signatures and Global and National Commerce Act (E-Sign) and any and all similar state and federal acts. Accordingly, but without limitation, any and all documents, contracts, and ageements must contain a handwritten signature of the sender to be legal, valid, and enforceable. **********************************************************************************************************