January 22, 2007 at 1:10 pm
Has anyone else had this problem?
Whenever a DBA here changes his network password and then uses SSMS, the domain account ends up getting locked out. It's like it is caching the password or something. Logging out/in and restarting the PC doesn't seem to help.
The Redneck DBA
January 22, 2007 at 6:33 pm
Can you be more specific...
I didn't get your question...domain account is sql service account or user account?
MohammedU
Microsoft SQL Server MVP
January 22, 2007 at 7:18 pm
When we change our Windows passwords, and then start using SQL Server Management Studio, using windows Authentication, it ends up locking out our Windows accounts.
It does it for a day or two, then stops and works fine until our next password change.
The Redneck DBA
January 23, 2007 at 5:15 am
Strange behaviou....it is maybe a stupid question, but do you have checked the box "remenber my password" ?
January 23, 2007 at 7:13 am
When you use Windows authentication, it doesn't let you enter a password or check that box
The Redneck DBA
January 23, 2007 at 7:21 am
...that's right...sorry I forgot to switch on my brain.
I suppose you have an active directory. When you change the password of your accounts it could take a moment before changes are spread through the domain controllers (at least 15 minutes or something like this). If you try to log in to soon after change the PW it synchronization may not be completed. It is just an idea......in my opinion SQL is not caching PW, but checking credential in the domain.
January 23, 2007 at 10:29 am
It might be a domain replication issue.
If the domain controller that is handling the account with the just-changed password hasn't replicated the password change to the domain controller that is handling the SQL Authentication, then it's entirely possible that DC #2 thinks you're using the wrong password, hence is locking out your account.
Check to see how many DCs you have (and look at the Active Directory structure) and what the replication settings between them are. Deliberately create a new account on one then watch to see how long it takes for the new account to replicate over to the others. Then make a change on your test account and see how long that takes to replicate over. If you don't have access to this, get your server admin (Domain admin) involved to help you trouble shoot the issue. But I'm betting it's just taking too long for the changes to reach where they're supposed to be, hence your problem with locked-out accounts.
January 23, 2007 at 12:31 pm
I would agree with with Brandie. This sounds more like a replication issue\failure in Active Directory more than an issue with SSMS. Check this link for a list of errors to look for and how to troubleshoot problems.
Viewing 8 posts - 1 through 7 (of 7 total)
You must be logged in to reply to this topic. Login to reply