?
Solved

Group Policy

Posted on 2011-09-12
9
Medium Priority
?
190 Views
Last Modified: 2012-08-13
We have windows 2008 DC and my users keep on getting locked out. I cannot find the group policy that is causing this problem. How can I disable the locking out of users?
0
Comment
Question by:bbayachek
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 16

Expert Comment

by:uescomp
ID: 36524984
Locked out as you have to unlock their account in AD?  or after 15 minutes or so to autolock the system.  This can be changed in the screen saver setting to require password when resuming windows etc.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36524999
Is it random users that are getting locked out.  If that is the case I'd start looking and scanning for malware.  If it is a few users then start here

http://blogs.technet.com/b/instan/archive/2009/09/01/troubleshooting-account-lockout-the-pss-way.aspx

conficker was a big one that would cause random users to just start locking out on domains.

Thanks

Mike
0
 
LVL 70

Expert Comment

by:KCTS
ID: 36525090
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 1

Author Comment

by:bbayachek
ID: 36525344
network users and I think they are not typing in the password right. I cannot find the setting that is causing this problem
0
 
LVL 1

Author Comment

by:bbayachek
ID: 36525351
kcts - I have windows 2008 and I cannot find it in the default policy.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36525399
Then run an RSoP report for one of the users to see where they are getting the PW policy from.  If they are typing in the password wrong it won't be the fault of the policy...unless you want to turn off complex passwords if they are enabled.

Thanks

Mike
0
 
LVL 1

Author Comment

by:bbayachek
ID: 36525533
ok. one more question. How do I run a RSoP report. lol thanks!
0
 
LVL 1

Accepted Solution

by:
bbayachek earned 0 total points
ID: 36529198
I ran it and it says the default policy but I can't find it in there.
0
 
LVL 1

Author Closing Comment

by:bbayachek
ID: 37319294
I found the problem
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question