Our network was running fine.
Then, in default domain GP, I turned the account lockout feature on.
Pretty quickly, one (and only 1 of 300) user was being repeatedly locked out; ME! I'm the system administrator.
I researched the logs a little, then I just turned the account lockout feature off (values not defined)
This made no difference for my account; I still get locked out every 5 or 10 minutes (I haven't measured the exact interval)
So, I turned account lockout back on and changed the values to safe ones (from 7 failed logons, to 100 and reset after 2 minutes)
This made no difference; I still get locked out repeatedly.
Why can I not just turn account lockout off in default domain GP? (I did gpupdate on my machine after the changes mentioned above - it says it "completed successfully")
I downloaded the AL tools, am trying them now, but it is getting frustrating and I need help.
Domain controller - Win Svr 2008 server core
my PC = Win 7 Pro