Link to home
Start Free TrialLog in
Avatar of crcsupport
crcsupportFlag for United States of America

asked on

Account lockout policy in Group Policy

I'm trying to set account lockout because I think hackers trying to run brute-force password discovery against our mail server. If 10 attempts to login with wrong password fails, I like to lock out accounts.

However, Account Lockout Threshold Policy under Group Policy says it counts only attempt failure of logging by Ctrl+Alt+Delete or screen saver. Does it mean it will not count login failure against OWA or direct access to our mail server through telnet? If then, how to disconnect the hacker's password discovery if failuer only counts the two?
ASKER CERTIFIED SOLUTION
Avatar of Ben Hart
Ben Hart
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of crcsupport

ASKER

Why is this setting under Computer Configuration instead of User Configuration in GPO?
Does it mean that it locks out the account, not the computer? I'm worrying if this setting is under computer configuration, it may affect operation if the hacking is against server such as mail server?
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Also, can you take a look at relay setting of SMTP virtual server (attached). I want to correct any wrong configuration. outbound mail is set as anonymous. Is it OK? We have other servers in LAN send out emails to clients. The servers contact our mail server as smart host. This connection is anonymous, I guess because there's no id and password to put in in SMTP properties of the client server connecting to the mail server.
relay.jpg
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial