For a user , we are facing this interesting issue. Sometimes (not always, but few times in a day) user is unable to access the application and being shown the error as "User has been either locked out for successive incorrect password or it has been disabled". However when we check the Account in AD, it seems fine.
When we checked the smaccess.log for corresponding time period, we can see below error message, where user is perhaps being locked out and we are getting Authentication rejected, but AD account seems to be fine.
[Auth][AuthReject][xyz.hiw.com][04/Feb/2019:07:27:37 -0500][dssoagent][gwRdYCJt35u4zdPZeyeUtvsgLNg=][john@APAC.corp.local][03-000b53ff-6569-1514-88a3-2d250aa220dd][Protect SSORedirect][06-00004b1c-656d-1514-88a3-2d250aa220dd][18.104.22.168][/ssoredirect/pwdexpirychk.asp][GET][Account disabled. 80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 775, v2580][SSORedirectDomain]
Please suggest what all possibilities can exist here to lookout?