Account Lockout Caller Computer Name Blank
Troubleshooting an Active Directory account lockout when the Caller Computer Name is blank can be a pain. In a past post, we discussed how to troubleshoot an AD account that keeps getting locked. The post goes into detail how to find the computer that is responsible for the lockouts. However, what if the Caller Computer Name is blank or empty? This makes troubleshooting this issue a lot tougher.
The most likely reason for this is an application outside of the windows Operating System that is trying to perform some authentication process with the user account’s AD credentials. In my experience, when we have customers complain that their account keep getting locked with a blank computer name, most of the time it is a Java application or some other application that is trying to authenticate to a proxy server (for example) or some other server on your network.
Take the example of the Java application being used in the Internet Explorer browser application. A user navigates to a websites that pops up a java app. All of a sudden, the user is prompted for credentials to a proxy server. The user may either enter their credentials or close the prompt but by that time, the process has already tried several times and has automatically locked out the user’s account. Therefore it is always a good idea to query your user and ask specifically what applications or websites they were running or accessing right before the lockout. You may find your answer quickly.
Obrigado pelos esclarecimentos. Só acho que pelo menos o IP deveria ser registrado, independente se este sistema que está com as credenciais configurada seja windows ou não, se utilizar IP, então que fosse necessário registrar pelo menos isso.
Thank you for commenting Richard. I agree that it would be nice if the OS could record the IP address instead of just giving you a blank name but unfortunately that is the way it is for now. I hope the post was helpful for you.