ARCServe NT account keeps locking. HELP!

[Edmee]

After changing the password for the ARCServe NT backup account, modifying all backup jobs to reflect this, and changing the system account within ARCServe's server admin the NT account now keeps getting locked. Therefore I assume somewhere, somehow ARCServe is still expecting the old password. I have deleted and recreated all jobs using the account but the problem still persists. How do I find out which area is causing the problem, or perhaps I have overlooked something? Any help very much appreciated!!

Edmée de Klerk
Storage Management Lead - AP
IBM Global Services

 

[davidmichel]

Are the ARCserve services configured to Log On as Local System Account or This Account?

Are any agents being used that could be using the old password?

 

[monjul]

This happened to me once. It turned out that the Arcserve NT account was logged onto the network on another machine. It can even be a desktop.

 

[monjul]

Sorry, let me clarify. The Arcserve NT account was logged in with the *old* password on another unit.

 

[dholbrook]

edmee,

The NT backup account can only be locked out by the system, and only happens is if the "user account" attempts to log on with incorrect passwords too many times in a row (depends on your security policy criteria). The user account could be tied to a service or to one or more of the jobs themselves, especilaly if they were not created on the local system where the ARCserve actually launches and runs.

In the case of ARCserve, I would highly suspect first that one or more ARCserve service is running as a service logged on as the user acount in question(your NT backup account). Mine are set to interact with the desktop, but not to logon as a user account. Check the ARCserve service properties on each system that launches backups (where the tape drives are located) to find if one is logging on as a user and could be using the old user account information.

When a job was created, the user account used to creat the job could have had the user account and a password included with it, so you can have a job which would then log on as that user whenever it ran( the NT Backup account?).

You will need to either check each job and change or remove the account information, or delete the jobs and re-create them without any username or passwords tied to them. This especially applies if the jobs were not created directly on the local machine where the jobs run (created on a remote management station). Jobs will always have an owner account tied to them, but can also have a username and password imbedded in the properties of the job. I would check the properties of each job to be sure no passwords were included. Any job that displays anything in the username and/or password column under the properties would be highly suspect as the villan.

If you can not easily find the machine that is causing the problem, then rename the ARCserver account so the old name does not lock out the current account. Should also let you find the machine where the problem is too, because the backups will fail to run there!

HTH,

David

 

[dholbrook]

Edmee,

Another thing to check:

Open ARCServe Manager, and select job status.

Pick any job, select modify, then go to FILE, SAVE AS, and it will bring up the Security and agent info, where you should see ALL the agents that are using the account and password. You need to fix ALL of them to make sure they are using the new password for the ARCserve user.

HTH,

David