Domain Admin Account Lockout Issue - Authentication

First, I've tried all the norm checks, services, updates, misc map drives and so forth. Ran MS Lockout tools as well as Netwrix Account Lockout tracer, but this one has me stuck. Have a Domain Admin Account used for various tasks that is failing authentication every minute exactly until fifth time it locks for 15 minutes due to how GPO is set. I know it's on the one DC, but can't find it and doesn't make sense. Shut down anything related to services and tasks or mapping drives. Have two DC's so I shut the one down I thought has the issue and the issue does go away as account stays active with the one DC off that I believe is the issue. Below is the event I see continually with only the Source Port changing and then the 264 event for locked out on the fifth try; (changed account, domain and ip here for security.) The user ID and PW are correct as I use it for other things and can log into the DC with it if unlocked. I've read other threads here on Technet, but haven't found any that show issue is on DC.

An account failed to log on.

Subject:
Security ID: SYSTEM
Account Name: MODC01$
Account Domain: MYDOMAIN
Logon ID: 0x3e7

Logon Type: 3

Account For Which Logon Failed:
Security ID: NULL SID
Account Name: MYADMIN
Account Domain: MYDOMAIN

Failure Information:
Failure Reason: Unknown user name or bad password.
Status: 0xc000006d
Sub Status: 0xc000006a

Process Information:
Caller Process ID: 0x1e4
Caller Process Name: C:\Windows\System32\lsass.exe

Network Information:
Workstation Name: MYDC01
Source Network Address: 192.168.1.1
Source Port: 1027

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

Any help would be appreciated here......Thanks, Mark