How user accounts can get locked out when using LANDesk Management Suite.

There are many places that user credentials can be stored in the LANDesk Management Suite.  If the password is changed on the user account and static credentials with the old password are used it will lock out the account when the lockout threshold has been passed.

Here are some possible locations to check when an account gets locked out:

1) Services

a) Open the console on the core server.

b) Configure - Services - Scheduler - Change Login

c) Verify the accounts in the service login as well as the alternate credentials.

2) Other services

a) Run "services.msc" on the core server.

b) Look at the "Log On As" column for services to see if any are running under a user account.

3) COM+ applications on the core

a) Start - Programs - Administrative Tools - Component Services.

b) Component Services - Computers - My Computer - COM+ Applications.

c) For both LANDesk and LANDesk1, right click, Properties - Identity.

d) Verify the credentials for both COM+ applications.

4) Preferred servers

a) Open the console on the core server.

b) Configure - Preferred server.

c) Edit each server and verify the credentials being used.

5) Directory Manager

a) Tools - Distribution - Directory Manager.

b) Remove any configured LDAP directories.

6) Users Active Directory

a) Tools - Administration - Users.

b) Click on the "Login to Active Directory" icon.

c) Even if you are logging in to Active Directory it will not display here. (You can see if you are by looking in the ActiveDirectory table in the LDMS database).

d) Enter a good user account that has access to Active Directory. This will overwrite the existing credentials in the ActiveDirectory table (as you can only specify one account for this).

7) Mapped Drives

Check for any mapped drives on the core server or console machine (if using a console). Disconnect all mapped drives.

8) Security and Patch Downloads-

a) Tools - Security - Security and Patch Manager.

b) Click on the Download updates icon.

c) Verify any credentials on the Proxy Settings and Patch Location tabs.

9) Scan and Repair Settings

a) Tools - Security - Security and Patch Manager.

b) "Configure settings" icon - Scan and Repair Settings

c) Edit settings, check for credentials on the MSI tab.

10) OSD Scripts

It can be difficult to sort through all of the OSD scripts, especially if you have many. To make this easier, simply do a Windows search for any files in the LANDesk\ManagementSuite directory (and all subdirectories) that contain the text of the username that is getting locked out. The OSD scripts are stored in the LANDesk\ManagementSuite\scripts directory.

11) Core Server Activation

a) Start - All Programs (or Programs) - LANDesk - Core Server Activation

b) Click the "Proxy" tab.

c) Clear all the text boxes, then un-check the "Require Login" and then "Use Proxy Server" (Note that un-checking the "Use Proxy Server" first will result in the credentials still being cached).