We've started having quite a few accounts that are being locked due to Intruder Lockout. However, in iManager under the user object, Restrictions->Intruder Lockout the Intruder address listed is non-sensical:

Examples from a few accounts that had been locked:

12#C92F0A01001C

12#97520A010006

12#B6580A010006

12#CACF9BFE9EC9

12#B78A0A010006

Does anyone know how to interpret this address? We would like to be able to hopefully determine where the issue is originating and resolve the issue, but the above strings do nothing to help us. Is there anywhere we can get a list of failed log in attempts to xyz server? We think this issue is coming from LDAP queries/authentication, but I have not found or seen a way to log failed attempts within NDSTrace (at least in a format that is meaningful).

TIA,

Ben