User Accounts May Get Locked out After Entering Wrong Password Using RAS

ID: Q185260

The information in this article applies to:

Microsoft Windows NT Workstation version 4.0
Microsoft Windows NT Server version 4.0
Microsoft Windows NT Server version 4.0, Terminal Server Edition

SYMPTOMS

When using Remote Access Service (RAS) with third-party dial-in servers using Shiva Password Authentication Protocol (SPAP), a user account may be locked out if a wrong password is entered. This problem will only occur if account lockout is enabled.

CAUSE

This problem occurs if Windows NT has to retry the authentication request. Windows NT loses synchronization with the server. This causes Windows NT to retry the authentication requests until retries are exhausted.

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows NT 4.0 or Windows NT Server 4.0, Terminal Server Edition. For additional information, please see the following article in the Microsoft Knowledge Base:

Q152734 How to Obtain the Latest Windows NT 4.0 Service Pack

STATUS

Microsoft has confirmed this to be a problem in Windows NT 4.0 and Windows NT Server 4.0, Terminal Server Edition. This problem was first corrected in Windows NT 4.0 Service Pack 4.0 and Windows NT Server 4.0, Terminal Server Edition Service Pack 4.


Keywords          : NT4SP4Fix kbbug4.00 kbfix4.00.sp4 
Version           : WinNT:4.0
Platform          : winnt 
Issue type        : kbbug

Last Reviewed: April 10, 1999