Hi,

I'm having endless problems trying to resolve where account lockout are originating.

The problem I'm having is that there are a number of developers using VM and are hybernating or suspending their VM's.

When they change their password and start their VM the password seems to be cached by the ZAA and locks the account out.

The AD DC's are reporting that our ZCM server has locked the account out, which is correct.

To try and resolve this issue, I've enabled debug logging on the CASA server but the only information which is logged is the user account name and not the originating host.

Does anyone know how to track down/log where a request has originated from (without using wireshark)?

Thanks
Steven


2010-04-08 16:36:01,203 INFO ia.IAContext [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 775, vece]
2010-04-08 16:36:01,203 WARN authtoksvc.PwdAuthenticate invoke()- NamingException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 775, vece]Exception occured while adding connector specified at [XPath: /bci:realms/bci:realm[@id='addomain.com']]
2010-04-08 16:36:01,203 WARN authtoksvc.PwdAuthenticate invoke()- Failed to resolve identity for entity <username goes here>
2010-04-08 16:36:01,203 INFO authtoksvc.Authenticate invoke()- identId not resolved