Turn on logging for logons and see when and where the user name is beign used. Eliminate the guess work. It may be a task on another box. I have seen developers create tasks on servers, change their own password, and not update the task that runs as them=>lockout. -----Original Message----- From: Farrugia, Paul [mailto:pfarrugia@xxxxxxxxxxxx] Sent: Wednesday, August 06, 2003 1:16 PM To: windows2000@xxxxxxxxxxxxx Subject: [windows2000] Re: Account Lockouts Thanks for all the help.....it just happened again.....the user was logged onto the network, locked her pc and went to lunch....when she came back she unlocked her pc and was able to continue but when she opened outlook it asked for username, password and domain.....i checked her account and saw that she was once again locked out..... -----Original Message----- From: Lane, Mark [mailto:MDL@xxxxxxxxxxxxxxxxx] Sent: Wednesday, August 06, 2003 9:29 AM To: 'windows2000@xxxxxxxxxxxxx' Subject: [windows2000] Re: Account Lockouts One problem is that Windows 2000 will try kerberos authentication, and if unsuccessful, will then try NTLM authentication. Each bad password entry counts as 2 failed attempts. -----Original Message----- From: Farrugia, Paul [mailto:pfarrugia@xxxxxxxxxxxx] Sent: Wednesday, August 06, 2003 8:11 AM To: windows2000@xxxxxxxxxxxxx Subject: [windows2000] Account Lockouts Hi, Has anyone ever experienced this before? I have two users that have been getting locked out while already logged onto the network. I also watched another user enter their password incorrectly just one time and get locked out. Our account policy has a three failed attempts before lockout rule. They are all on Windows 2000 Pro workstations and we are using Windows 2000 servers. Thanks in advance for any help. Paul. By the way should we be using this list or the Tropicana list?