Discovery account getting locked out frequently
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-16-2020 03:22 AM
we have used the service account for discovering the following VMware,mssql_instance,exchange_mailbox,F5 SSH everyday account gets locked out unable to figure out through discovery logs which server is causing the lockout.
- Labels:
-
Discovery
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-17-2020 06:35 AM
Another suggestion is check your sudoers file because if you are asking to run a command with SUDO you don't have access to it counts towards your failed login count. I had a client who was constantly getting there account locked out and it was because of this (they had there unix/linux account attached to AD).

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-18-2020 05:49 AM
There are multiple reasons for account lockout.
- Multiple incorrect login attempts - Can be fixed by arranging the order of credentials which are commonly used
- External credential store cyberark modified the password while the discovery schedule was running - Change the timings of either cyberark password change or discovery schedule
- Max allowed number of users already logged into machine which discovery is trying to login - Should be fixed through governance
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-18-2025 10:43 AM
Adding my comments for anyone who lands here in the future.
For us, the account gets locked when the IP range also has the IP address of the mid server that is used for discovery. WMI commands does not work on the host IP address, instead you have to use the loop back IP address of 127.0.0.1.
Hope it helps someone.
Regards,
Hitesh Patel