Err Msg: The Referenced Account Is Locked Out and May Not Be Logged on to

Article translations Article translations
Article ID: 245072 - View products that this article applies to.
This article was previously published under Q245072
Expand all | Collapse all


When you try to log on to a backup domain controller (BDC) that is running Microsoft Windows NT Server 4.0, you may not be able to do so, and you may receive the following error message:
The referenced account is locked out and may not be logged on to.
Also, when you log on to the Microsoft Windows NT Server 3.51-based primary domain controller (PDC) on the same domain, and then try to connect to the BDC from the PDC, you may receive the same error message.


This behavior can occur if the PDC and the BDC are not correctly synchronized.


To resolve this issue, synchronize the PDC and the BDC:

  1. Log on to the domain using an account that has administrative privileges.
  2. In Server Manager, click the name of the BDC in the Computer box.
  3. On the Computer menu, click Synchronize With Primary Domain Controller, and then click Yes to confirm the synchronization.
  4. In Event Viewer, check the system log in Event Viewer to make sure the synchronization was successful.


When you gain access to the BDC using an Administrator account, you may see an Event ID 7023 error message in Event Viewer. Event ID 7023 indicates that access was denied with the Netlogon service.


Article ID: 245072 - Last Review: November 1, 2006 - Revision: 1.1
  • Microsoft Windows NT Server 4.0 Standard Edition
kbprb KB245072

Give Feedback


Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from