Article ID: 299352 - View products that this article applies to.
This article was previously published under Q299352
This article has been archived. It is offered "as is" and will no longer be updated.
The SMSCliToknAcct& account may be locked out on any server that functions as a Client Access Point (CAP). If security auditing is turned on, the Security event log may show unsuccessful logon attempts, and may show account lock-outs with event IDs 529 and 539.
This problem may occur because SMS clients may sometimes try to connect to CAPs by using their local SMSCliToknAcct& account. If the domain or server has a lockout policy in use, the domain or server SMSCliToknAcct& account is locked out. This prevents Software Distribution from working on domain controllers or servers that are CAPs.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.