User account keeps getting locked out

0

I have a user in my environment that keeps getting locked out. I have managed to trace the source of the lockouts and found a process on a server which is located on C:\Windows\System32\inetsrv\w3wp.exe to be the cause. From what I understand this is an IIS worker process.

The event associated with it is

Log Name:      Security
Source:        Microsoft-Windows-Security-Auditing
Date:          13/07/2016 13:52:26
Event ID:      4625
Task Category: Account Lockout
Level:         Information
Keywords:      Audit Failure
User:          N/A
Computer:      testpc.lab.com
Description:
An account failed to log on.

Subject:
    Security ID:        NETWORK SERVICE
    Account Name:       testpc$
    Account Domain:     test.com
    Logon ID:       0x3e4

Logon Type:         8

Account For Which Logon Failed:
    Security ID:        NULL SID
    Account Name:       testuser01
    Account Domain:     test.com

Failure Information:
    Failure Reason:     Account locked out.
    Status:         0xc0000234
    Sub Status:     0x0

Process Information:
    Caller Process ID:  0x4e8
    Caller Process Name:    C:\Windows\System32\inetsrv\w3wp.exe

Network Information:
    Workstation Name:   testpc
    Source Network Address: -
    Source Port:        -

Detailed Authentication Information:
    Logon Process:      Advapi  
    Authentication Package: Negotiate
    Transited Services: -
    Package Name (NTLM only):   -
    Key Length:     0

How can I stop this worker process to lock out my user account? Is there any other way than recreating the windows profile?

active-directory
user-accounts
asked on Server Fault Jul 13, 2016 by DSKyo

1 Answer

1

You should be able to change the user account that is used by worker as described in the article Application Pool Identities on iis.net

...

  1. Open the IIS Management Console (INETMGR.MSC).
  2. Open the Application Pools node underneath the machine node.
  3. Select the application pool you want to change to run under an automatically generated application pool identity.
  4. Right click the application pool and select Advanced Settings...
  5. Select the Identity list item
  6. Select the Built-in account button, and then select the identity type ApplicationPoolIdentity from the combo box.

...

answered on Server Fault Jul 13, 2016 by Grigory Sergeev • edited Jun 11, 2020 by Community

User contributions licensed under CC BY-SA 3.0