Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

windows 2008 domain gpo to prompt users for a security answer when account is blocked

Posted on 2011-09-16
3
332 Views
Last Modified: 2012-05-12
Hi:

      We loose so many time enabling blocked accounts for some users that we want to give them a possibility of reset their password on their own.

      Is there a GPO or something I can deploy  to prompt the users for a security question response when they block their account?


thanks in advance.
0
Comment
Question by:Guillermin-go
3 Comments
 
LVL 19

Assisted Solution

by:Miguel Angel Perez Muñoz
Miguel Angel Perez Muñoz earned 63 total points
ID: 36548081
I think that AD doesn´t permit this yet. I suggest to change lockout time to 5 minutes. At this manner, users only need to wait 5 minutes until retry login again.
0
 
LVL 3

Accepted Solution

by:
rog2054 earned 62 total points
ID: 36548595
Agreed. There is no way of doing this within Windows AD out of the box.

There are 3rd party addons which provide this functionality (and more). I did look into some a few years ago, however in the end we chose to manage without (due to costs etc).

Here is one such program to give you an idea of what is possible
http://www.manageengine.com/products/self-service-password/active-directory-password-reset-gina-credential-provider.html
0
 
LVL 3

Author Closing Comment

by:Guillermin-go
ID: 36558585
thanks for your advices.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question