OpenSuSE on winblows Domain

[ainsof]

Hi folks,

Here's one for linux / winblows hybrid gurus...

I have installed opensuse 11.2 on one of my desktops at work and successfully joined said machine to the local domain.

I have my KDE screensaver setup to require a password to resume a logon session.

(BTW, I logon with my winblows domain creds.)

Every so often, when I type my pword into the prompt, I get a notice indicating that my (domain) "account has been locked out."

A quick check into Active Directory Lusers and Computers (I have domain admin creds) indicates that my account has indeed been locked out on the (winblows 2003) domain controller.

I'm in process of convincing other employees here to switch over to Suse on their desktops, but they will still need to use winblows domain creds for network logon.

What is causing this lockout on the DC and how do I remedy the issue?

Thanks

[coopstah13]

maybe someone's been trying to login while you were away!

other than that, i'm not sure

[ainsof]

maybe someone's been trying to login while you were away!
other than that, i'm not sure

Not likely, there are only 3 of us in the department, one is completely trusted, and the other... well... is totally clueless.

Thanks for at least replying.

[HROAdmin26]

This is usually caused by a wrong password typed in and the attemping program tries a few times to pass the password. At 3 times, AD locks the account.

[ainsof]

You are correct HRO.

However, it's only me on this machine. Frankly, I'm here at my desk for the entire day, most of the time.

It has been done before, but I'm certain I'm not fat fingering my own pword.

No-one else here even knows my logins except my associate here, but he wouldn't bother since he has the same access rights under his own accounts.

The third party around here uses "12345 as his login pword..." if you know what I mean.

Quite the quandry, isn't it?

Is it possible that the login manager here occasionally passes the wrong data in triplicate across to the DC?

This may only happen to me once or twice a day, but if we were to setup scores of our end-users on linux desktops... well, you get the picture.

[gogalthorp]

Does it only happen with the login from the screen saver? If you log out and back in does it happen.

[ainsof]

Correct gogalthorp,

Only when I login from the screensaver. I can logoff / back on via KDM without a problem.

[gogalthorp]

Well maybe it is not logging off correctly.

The only way to tell is to capture some net traffic and see what is happening at the screen saver startup and the login.

Maybe use wireshark

Could be a bug that needs to be reported

[ainsof]

Thanks for the headsup. Good ideas, will do.

bmdgi on Experts Exchange said he's had the same problem after joining Fedora and OpenSuSE boxes on a winblows domain.

He/She recommended the following prod., but I haven't had time to play around with it.

Likewise Open Source Software that Authenticates Linux, Unix, and Mac systems with Microsoft Active Directory. www[dot]likewise[dot]com.

You ever heard of this?

[scathefire]

So does it lock you out if you say don't have a password prompted screen saver?