Solved

How to lock a vpn/domain account after x number of tries on windows 2008

Posted on 2011-03-09
3
520 Views
Last Modified: 2012-05-11
We are using windows 2008 as a vpn server, using NPS (on the same box)  for defining the connection criteria (ie. time and day of access, timeouts, etc) and domain user accounts for authentication.

When logging on to a domain joined workstation (not via vpn) if the user fails the log in after x number of attempts the domain account is locked.  However, this does not happen on the (remote user) VPN connection.  Remote computers are not joined to the domain.  Is there a setting somewhere (that I don't see) that I can tell windows 2008 to lock the account after x number of tries?

The VPN / Terminal server box is 2008 sever standard.  Currently our DC is a W2K box.  Soon to be upgraded to 2008 but we are trying to get the VPN solution working now.  All clients right now are win XP.  Apparently since I am using NPS with specific AD groups (on the 2008 box), the "Dial-in" tab in for the user in AD computers and users does not affect the ability to connect.
0
Comment
Question by:PlazaProp
  • 2
3 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 35086117
0
 
LVL 1

Accepted Solution

by:
PlazaProp earned 0 total points
ID: 35087841
Thanks for the tip but I found that I had "allow access" check in on the dial in tab instead "control access through remote access policy".  After I changed it the account was locking after x number of attempts as defined by GPO.  
0
 
LVL 1

Author Closing Comment

by:PlazaProp
ID: 35126374
fix own issue
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question