This article was previously published under Q299352
This article has been archived. It is offered "as is" and will no longer be updated.
The SMSCliToknAcct& account may be locked out on any server that functions as a Client Access Point (CAP). If security auditing is turned on, the Security event log may show unsuccessful logon attempts, and may show account lock-outs with event IDs 529 and 539.
This problem may occur because SMS clients may sometimes try to connect to CAPs by using their local SMSCliToknAcct& account. If the domain or server has a lockout policy in use, the domain or server SMSCliToknAcct& account is locked out. This prevents Software Distribution from working on domain controllers or servers that are CAPs.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.