pfeinber
asked on
What is wrong with my Account Lockout Policy
I have been asked by security to turn on Password lock after 10 bad attempts.
I also changed the Account Lockout Threshold to 99999 and the Reset account Lockout Counter to 99999. When I turned it on half of my organization was locked out. Any Ideas
Screen-Shot.bmp
I also changed the Account Lockout Threshold to 99999 and the Reset account Lockout Counter to 99999. When I turned it on half of my organization was locked out. Any Ideas
Screen-Shot.bmp
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If you were just trying to ensure that they are locked out until an admin unlocks them, you set lockout duration to zero(default).
For one thing, if someone attempting to gain unauthorised access to a network tries 3 or 4 passwords and then locks the account out, the real user of that account will notify you and you will be aware of a potential security threat very quickly.
Can it be inconvenient? Yes. But what is more important?