Avatar of Victor_Torres
Victor_Torres
 asked on

Lock out policy for Domain users on 2008 Window Server.

How do you lock out a user when the user has failed three times entering his or her password.  And would only allow the user to log back in after 5 minutes.  Thank you in advance.
Active DirectoryWindows Server 2008Windows 7

Avatar of undefined
Last Comment
David Johnson, CD

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
MrSlithy

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
MrSlithy

I miss spoke regarding 15 to 30 minutes being a standard. I don't know that for sure.
Toni Uranjek

Why would you want to lock out users after three failed attempts?

Lock out policy should prevent online attack from hackers, not irritate users and administrators.

Check out templates in Security Compliance Toolkit from Microsoft:
http://go.microsoft.com/fwlink/?LinkId=182512
David Johnson, CD

You want a lock out policy for all because a user may know the login name but not the password and it slows down password attempts. You adjust the settings depending upon your environment. There should be a clear cut policy for this in which both management and IT is happy with it. Remember that IT only offers services to the company and management is still in charge of the company
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23