Hi all,
We’ve been facing a persistent issue for the past eight months involving frequent Active Directory (AD) account lockouts for a few users. Here’s a summary of the situation:
1. The issue primarily occurs when users access the Active Directory MMC console using the “Run as different user” option.
2. The username format used is root\A_******.
3. Credentials are copied from HashiCorp Vault and used on VDI machines.
4. We suspected a misconfiguration or caching issue with HashiCorp Vault, so we revoked Vault access for two affected users as a test.
5. However, even after removing Vault access, the account lockouts continue.
We’ve checked for saved credentials, scheduled tasks, and mapped drives, but haven’t found a definitive cause yet.
Has anyone experienced a similar issue or can suggest further troubleshooting steps? Could there be a lingering credential cache or background process still attempting authentication?
Any insights or guidance would be greatly appreciated.
Thanks,
Momina