Had a user how reported that their AD user account was being locked out regularly. Problem was caused by excessive password failures.
We traced it down to an XP computer with the LD agent installed, that the user had at her desk an used a an application server for some special developer needs. The user logs onto the computer only occasionally, and only with a local Admin account.
However, we determined that an application on this computer was apparently using some cached account information (with a dated password) of the user's AD account - and it turned out the culprit was the LANDesk ldapwhoami application pinging the Domain Controller with the dated credentials?
How is this possible? This EXE has limited documentation, and its actions in this instance are very troubling. Causing a user a day's + loss productivity, not to mention bout 6 hours of my troubleshooting time to track down the culprit...
We are new to LD, and hope this is only a one-off problem! Please advise.
Thanks,
Steve