I am not sure if this is the correct forum to post this issue.

We get semi random people get locked out of their account. The inturder lock out is only 15 minutes, so no is really affected, but it is odd.

On the server creen, we see NMAS.NLM intruder detection on user XXXX. It tends to happen to the same people 15-20 poeple. The users claim they did not put in their password wrong. Sometimes I can not even if they even put in their password for something. All I can tell is last address to cause the incorrect login is the deadicated Netware 6.5 email server.

Most of our servers are netware 6.5, all (except one) are sp8. There are some Netware 5.1 servers. DS 8.7.10.

any ideas where to start?


Phil J.