none
Mapped drives causing lockout, no saved credentials found RRS feed

  • Frage

  • I have checked the following threads and followed their instructions to no avail:
    1) http://social.technet.microsoft.com/Forums/windows/en-US/ced8eab6-87e2-4d20-9d18-7aaf5e9713a3/windows-7-clear-cached-credentials?forum=w7itpronetworking
    2) http://social.technet.microsoft.com/Forums/windows/en-US/268cb72e-0916-4219-8543-219092d2fb39/command-line-for-credential-manager?forum=w7itprosecurity
    3) http://answers.microsoft.com/en-us/ie/forum/ie9-windows_7/cannot-delete-stored-passwords-and-usernames-ie/aa530e93-9ef6-49a8-8658-ef9405e7c9c1


    OS:  Windows 7

    Workgroup-joined (vice domain-joined)
    Logging in with local, non-admin account


    Two drives mapped with domain account - "Reconnect at logon" and "Connect using different credentials" both checked, connecting using domain credentials; "Remember my credentials" is NOT checked

    I know that it is the mapped network drives causing the lockouts as:
    - with no drives mapped, I log in to the computer locally and no bad passwords are submitted to the DC's
    - with "X" drives mapped as described above, I log in to the computer and, during the login, "X" bad passwords are submitted to the DC's

    Steps performed:
    1) Go to Windows Credential Manager - only credential listed is virtualapp/didlogic; NO other credentials listed
    2) Run 'rundll32.exe keymgr.dll, KRShowKeyMgr' - NO credentials listed
    3) From command prompt, run 'cmdkey /list' - only credential listed is virtualapp/didlogic; NO other credentials listed
    4) Check "HKCU\Software\Microsoft\Protected Storage System Provider\<SID for your Account>" and found only '(Default)' (which has no entry)
    5) From command prompt, run 'net user * /delete' and answer 'y' to the "are you sure?", reboot, log in (0 bad passwords), map drives without saving credentials, log out, log back in (2 bad passwords)
    6) Repeat steps 1-4 again as SYSTEM user (via psexec), followed by step 5 as SYSTEM user and as local, non-admin user

    I've checked with colleagues and we're at a loss; we are hoping that someone will be able to point out other locations where credentials may be stored and/or other steps to perform besides wiping the computer - this problem has manifested multiple times, and wiping a computer every time the domain account password has to be changed is not a reasonable solution for us to offer our customers.

    Thank you very much!

    • Bearbeitet c0lorless Dienstag, 28. Januar 2014 18:56 paragraph spacing
    Dienstag, 28. Januar 2014 18:52

Alle Antworten

  • Hi,

    This article may help you resolve the problem

    Troubleshooting Account Lockout

    http://technet.microsoft.com/en-us/library/cc773155(v=ws.10).aspx

    Hope it helps.

    Regards,

    Blair Deng


    Blair Deng
    TechNet Community Support

    Donnerstag, 30. Januar 2014 04:56
    Moderator
  • Thank you for your reply.  We actually already know the source of the lockouts - the mapped drives on this particular computer.  The issue is that there are no saved password for the mapped drives, but Windows is still submitting incorrect passwords for them at login.

    It is almost as though Windows has saved credentials for authenticating to the server(s) and those credentials are saved somewhere that we can't find.  Maybe - that's just a thought and could be way off.

    Anyway, if you have any other info that may help, I'll be monitoring.

    Thank you!

    Donnerstag, 30. Januar 2014 05:16
  • Persistent drives may have been established with credentials that subsequently expired. If the user types explicit credentials when they try to connect to a share, the credential is not persistent unless it is explicitly saved by Stored User Names and Passwords.

    You may configure net use so that is does not make persistent connections. To do this, at a command prompt, type net use /persistent:no. Alternately, to ensure current credentials are used for persistent drives, disconnect and reconnect the persistent drive.

    Donnerstag, 30. Januar 2014 07:51
  • jzmine,

    Thank you for your reply.  Please review step 5 of the steps performed from my original post.  I will try the 'net use /persistent:no' command and see if it works, though I do not expect it to do so.

    Do you know of any other locations where credentials may be stored other than those listed in the original post?

    Thank you!

    Donnerstag, 30. Januar 2014 15:50
  • Hey

    I have the same problem. Ever get the answer on this?

    Jore

    Donnerstag, 22. August 2019 11:50