This is a non-interactive account, but when the service that uses the account goes to log in to the PDC emulators, the account gets deleted.
This is only happening to 1 account. We have deleted and recreated the account, and have created a new account with the same name (and rights) after renaming the old account; no matter what we do, the account (call it disableduser for simplicity's sake) gets disabled every time it tries to do what it does. Oh yeah, the account was running for well over a year without a problem.
The PDC emulators are Win2k running in a 2003 mixed mode environment (our backup and auditing tools don't support our 64-bit 2003 DCs yet, waiting on those to be updated before moving the roles over to a 2003 DC) and the GPOs on the Domain Controllers OU haven't changed in quite some time (or at the domain level). The account hasn't expired and every time the account logs in (non-interactively), the DC Service account (servername$) disables the account with a 642 event and *not* a 629 event.
I've banged my head against this for a day or so and figured I'd fire off something here before calling MS. This is a service-type account and changing the name would take a lot of time adjusting the environment to reflect the new name. Is there some MS patch that might be biting us in the rear that may have been applied in the last 2-3 weeks? I'm just kinda baffled on this, never seen a DC disable an account for apparently no reason.
- [ActiveDir] Account becomes disabled by DCs when it logs in... Matt Hargraves