intruder lockout...randomly. some days, he logs in just fine, other days,
it won't accept his password. All it takes to get him back on to the server
is to clear the lockout through console one. User insists that he's typing
his password correctly.

I've noticed that most of the time, the "last intruder address" that shows
in console one is listed as "12". just plain old "12". the ipaddress of
the server to which the user is attempting login is however,
today, c1 shows 192.168.l1.214, which is the mac's ip address. but it shows
the whole thing, not just the last octet. (???) I don't know if that
indicates anything...but I noticed.

I have a half-dozen other mac users that have no problem logging into this
same server, with the same systems. (OSX.3). Server is NW6.0, spk5,
afp129. (afptcp.nlm: 1.02.09).