Solved

TS User lockdown / lockdown message

Posted on 2009-05-09
6
347 Views
Last Modified: 2013-12-04
I have to implement secure TS installation, and the solution I've had on my mind is next:

Idea one:
   - user enters wrong password five times
   - servers locks down the user account, and
   - message pops out telling the user that his account has bee locked, and that he should call Help Desk to the phone xxxxxxxxxxx


Idea two:
   - someone tries to log in into the TS without providing correct username for five times
   - the server locks down any log in attempts from that client (internet client / IP) for next 15 minutesof more


How to configure settings like this and how to make a message display after five log-on attempts?

Some TS security practices link?
0
Comment
Question by:mrmut
  • 3
  • 3
6 Comments
 
LVL 5

Accepted Solution

by:
DTAHARLEV earned 500 total points
ID: 24345789
It'll just happen if you configure a regular GPO to lock users out after 5 failed logon attempts. the standard message is "Your account has been locked. Please contact your system administrator."

As far as locking the workstation, that's more complicated, as the TS will need to first check if a user exists, etc.

I can tell you that we're 100% compliant with all requirements and we only use the lockout policy (well, we have it set to three attempts)
0
 

Author Comment

by:mrmut
ID: 24345837
Thanks, say - I do have GPO with which I can change the lockdow message? (Can't check now.)

For the second question, I think I haven't been clear - I don't wan't to lock the client, but to prevent further log-on attempts from the IP form where logging on with wrong username occurred.


0
 
LVL 5

Expert Comment

by:DTAHARLEV
ID: 24345862
Not sure if and how you can change the message, and also I'm not sure you can have the workstation be locked out even for legitimate attempts. You're probably worried that if someone takes a machine and just tries everyone's password five times he'll end up locking out the entire company pretty fast. Yeah, that is the case... I found out people don't usually do that though -- set auditing levels and you'll have the information in the log, so you know who's messing around.

Also, you can set the account to unlock after say five or ten minutes.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 

Author Comment

by:mrmut
ID: 24345909
Yeah, you are right.

What you mean when you say that I should set auditing levels? - You mean Audit Log? - That is by default, so it must be something else.

Thanks.
0
 
LVL 5

Assisted Solution

by:DTAHARLEV
DTAHARLEV earned 500 total points
ID: 24346045
I mean setting the security policy to login events, so the event log will get notices when a failed login occurs, including the calling workstation, etc.

http://technet.microsoft.com/en-us/library/cc787567(WS.10).aspx
0
 

Author Comment

by:mrmut
ID: 24346126
Thanks a lot for your help  DTAHARLEV.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Task with PowerShell Script is failing with 0x41301 7 120
AD backup 6 76
Securing a laptop that travels frequently 21 113
How does ADMT SID History work? 1 21
The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question