Note: Please see the Troubleshooting Guide for BladeLogicRSCD user lockout issues for more details on troubleshooting these issues.
There are a few different situations where this is behavior is observed:
Member Server causes Domain BladeLogicRSCD to lock
This is typically seen in a domain environment where the RSCD service is running as the BladeLogicRSCD user, a job is running against one or more member servers in the same domain and this job executes something on the member server which causes the member server to attempt to communicate with the domain controller with the credentials of the local (member server's) BladeLogicRSCD account.
This results in the domain level account becoming locked out, while the member server's account remains unaffected.
Domain Controller to Domain Controller
Similar to the above case, a job running against one domain controller in the domain causes the BladeLogicRSCD or BladeLogicRSCDDC account to lock out.
For both cases above, review the Installing or modifying an existing installation with an alternate or per-server account section in the product documentation.
Server to Server lock
In other cases, this can occur between two member servers or two standalone servers where there is some relationship between the two servers (for example a persistent mapped drive) and the job executed against one server causes the same attempt to communicate to the other server with its own BladeLogicRSCD credentials and the BladeLogicRSCD account on the server where the job is not running gets locked out. In the system with the locked account, the event viewer will show event id type 4625 originating from another system.
If the cause of the failed authentication attempts cannot be remedied, then follow the same procedure as noted above:
Installing or modifying an existing installation with an alternate or per-server account section in the
product documentation, on the system where the
BladeLogicRSCD account was locked.
The above procedure will not prevent the failed authentication attempts, but rather stop the failed authentication attempts as
BladeLogicRSCD from causing a lock to the account used on the system where the lock is happening.
Server is generating the failed authentication attempts itselfIn this case, the
BladeLogicRSCD password may have been incorrectly changed, and that is causing the account to lock. In that case, review KA 000379333