Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

To lock user account (Domain user account) while Offline on 5 unsuccessful tries

Posted on 2006-06-15
3
254 Views
Last Modified: 2010-04-13
We know that as per GPO policies a Domain account can be locked out upon unsuccessful tries while being on the network and connected to domain.

But imagine a scenario when a laptop gets stolen... the theif wants to access the data on the laptop... he knows the login...

currently windows allows unlimited tries to guess user password (if login is known) and doesnot lock the account (as it does while being on the network and connected to domain)

My question is.....
Is there a way we can lock a user account upon unsuccessful tries (locally)?
is there a third party tool which does that?

please do reply... as k question ... this is quiete urgent

Magicianspell

0
Comment
Question by:magicianspell
3 Comments
 
LVL 13

Accepted Solution

by:
Kini pradeep earned 200 total points
ID: 16913929
yes there is:
if its a win xp m/c then setup a local password policy, now this policy can only assign the number of allowed invalid attempts to lock the account.
i did that on a standalone machine and it did lock the account, i also added this user to the local administrators group, and still am able to lock the account.
now the problem is the administrator account cannot be locked, so if the person is trying to guess the password with the administartor username then of course he can try as many times as he wants, what you could do here is rename the admin account through the group policy again it under security settings.
can do it either from the mmc, load group policy, or gpedit.msc
now these are for local accounts only.

0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question