I'm running OpenSUSE 10.2 as my main OS at work - which is essentially a Microsoft site. I've joined my computer to the AD domain, and that seems to work OK, so I can access shares and printers. And because I occasionally want to run Windows, I've built an XP virtual machine running under VMWare. I've joined that to the AD domain as well, and it works perfectly once I'm logged on, but getting logged on can be a bit of a pain. When I start the virtual XP machine and try to log in with my Windows credentials, as often as not it will refuse to log on, reporting that my domain account is locked out. Domain policy says three failed login attempts then lockout for 15 minutes, after which I have another 50-50 chance of getting connected. If I reboot my PC into Windows, as long as I'm not currently locked out, I can log in without any problems. So it looks as if Linux is sending unsuccessful login attempts without any action on my part. Can anyone advise?

Thanks,
Stuart

i too am having an issue with this as well as a coworker. it is definitely caused by one of the latest patches that was released. unfortunately we haven't been able to figure out which one.

i have found that not leaving mounted network drives that authenticate to AD on the desktop has helped, but it doesn't seem to have totally fixed it. i'm not sure if that is related, maybe i'm just a bit of a nutter and it hasn't helped at all.

SURE WISH SUSE WOULD LOOK INTO THIS! ;-) it's quite irritating, and the less i have to work in window$ the better!

cheers mate! hope this helps!

It could also be related to the number of concurrent login attempts from what the Windows DCs view as different hosts.

Active Directory has a bad habit of locking the account if a previous host login was not successfully logged out prior to the second host login.

I saw this pretty frequently at my last job with folks logging in and out of Citrix, on different machines. If they failed to log out of one session, they'd be locked out on the the next attempt with a different box.

How many concurrent logins is your account permitted on the Windows domain?

Thankyou both,

I think you are both on the right track. I had a mounted drive on my desktop, so I've deleted that and suddenly can get connected using Nautilus and smb://etcetera. That previously prompted me for domain ID and password, but then told me my account was locked. Now it lets me in. I don't think there's any limitation on domain logins here, so I suspect it's more about not logging out correctly. Unfortunately I don't find it easy to discuss with the domain admins around here as they think that Linux is the blackest of the black arts and don't seem to want to acknowledge its existence. Very sad.

I'll post again when I know whether my problem is partly cured or completely cured.

Stuart

How are you accessing e-mail? I had originally thought that my problem was caused by the VMWare session I was running in order to run Windows and Outlook. However, I have since completely removed VMWare and am accessing my e-mail via the Exchange web client. This is the ONLY active connection I have that authenticates to the network while I am working and I still get locked out. Just thinking maybe it has something to do with Exchange.

I'm at a loss at this pointe.

Don't use Outlook at all here! We're Lotus Notes/Domino for e-mail (decided before we really got into Microsoft products).

And I now know the problem wasn't fixed by removing the Windows shares folder from my desktop, 'cos it has recurred, but much less often (which I think was also your experience).

Stuart

Yes that was my experience as well. Nice to know I'm not nuts. Still searching for answers though. One question I failed to ask.... Are you running Gnome or KDE or something else? I'm running Gnome. I'm starting to wonder if it is a Gnome issue. I am going to install and run KDE for a couple of days and see if it gets better.

Cheers!

-Andy

Gnome here too, so I'll be interested to hear if KDE makes a difference. Can't help thinking MS put some spoiling code in AD that won't play nicely if it thinks it's talking to a Linux box.

Stuart

ARGH! I GIVE UP! Fedora is looking mighty enticing at this point!!!!!