asked on
Lock out policy for Domain users on 2008 Window Server.
How do you lock out a user when the user has failed three times entering his or her password. And would only allow the user to log back in after 5 minutes. Thank you in advance.
Active DirectoryWindows Server 2008Windows 7
Last Comment
David Johnson, CD
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
I miss spoke regarding 15 to 30 minutes being a standard. I don't know that for sure.
Why would you want to lock out users after three failed attempts?
Lock out policy should prevent online attack from hackers, not irritate users and administrators.
Check out templates in Security Compliance Toolkit from Microsoft:
http://go.microsoft.com/fwlink/?LinkId=182512
Lock out policy should prevent online attack from hackers, not irritate users and administrators.
Check out templates in Security Compliance Toolkit from Microsoft:
http://go.microsoft.com/fwlink/?LinkId=182512
You want a lock out policy for all because a user may know the login name but not the password and it slows down password attempts. You adjust the settings depending upon your environment. There should be a clear cut policy for this in which both management and IT is happy with it. Remember that IT only offers services to the company and management is still in charge of the company