We are using RADIUS against our AD to authenticate our BYOD users. It works very well with one caveat...
We're having trouble with devices that have the wrong AD password locking our user accounts in these two scenarios:
-When a user changes his password and does not change it on the BYOD device.
-When a user attempts to connect with a wrong password and does not correct the password when the connection fails.
In both cases there is a device constantly trying to authenticate with his username and a wrong password. For the most part, the user knows which device is causing the problem and can fix it, but there are ongoing instances of the user having no knowledge of what device is causing the problem.
I've tried running Account Lockout Examiner but the workstation that cause the lockout just shows up as the AP that runs radius.
Two questions: 1. Has anyone else run in to this problem? If so, how have you tracked down the offending device?
2. Is there a way to get the radius server to stop requesting the authentication to AD?
I'm assuming it can be tracked down through snmp, but I'm not very familiar with configuring snmp.