Re: Possible Bad Question

From: TechGeekPro (%username%_at_yahoo.com)
Date: 04/02/04


Date: Fri, 2 Apr 2004 15:30:24 -0500


--
I may not be fully certified, but I am fully certifiable.
"Neil" <neilmcse@nospamforyou.com> wrote in message
news:Xns94BF9A2FDD27Fneilmcsehotmailcom@207.46.248.16...
> "TechGeekPro" <%username%@yahoo.com> wrote in
> news:#kxUQgOGEHA.3764@TK2MSFTNGP12.phx.gbl:
>
> > "Since the local policy dictates 3 logon attempts, and the Domain
> > policy dictates 5 then "5" is the result..."
> >
> > Ah, but the question didn't state "Domain Policy" but "Domain
> > Controllers Policy" which from what I understand only affects the
> > computers in the built-in Domain Controllers OU. She is logging into
> > the Domain but not into a Domain Controller.
> >
> > --
> > I may not be fully certified, but I am fully certifiable.
> >
> > "Stew Basterash" <stewartbash@hotmail.com> wrote in message
> > news:e3DRPbOGEHA.2600@TK2MSFTNGP12.phx.gbl...
> >> Once a computer is added to a domain policies are applied in this
> >> order
> > LSDO
> >> (Local, Site, Domain, OU)... Since the local policy dictates 3 logon
> >> attempts, and the Domain policy dictates 5 then "5" is the result
> >> becuase the setting is overridden in the order of application... In
> >> addition, it doesn't matter if she logs in locally or to an actual
> >> domain account... System ("computer") Policy settings are applied at
> >> startup regardless if
> > she
> >> actually logs into her domain account or not... As I stated...
> >> Computer settings in a policy are applied at startup... User settings
> >> are applied
> > at
> >> account login...
> >>
> >> "TechGeekPro" <%username%@yahoo.com> wrote in message
> >> news:%23f9pCOOGEHA.1012@TK2MSFTNGP11.phx.gbl...
> >> > I'm taking a practice test for the 70-218 using the CramMaster
> >> > software.
> >> >
> >> > Question:
> >> >
> >> > Jennifer is an employee of a company called XYZ Dimensions Inc.
> >> > located
> > in
> >> > Chicago. Jennifer is currently using a stand-alone Windows 2000
> >> Professional
> >> > workstation, named JennyW2KP, to use a locally installed graphics
> > editing
> >> > application. As the administrator, you are going to add JennyW2KP
> >> > to the Windows 2000 Domain, named XYZDimensions.edu, which
> >> > currently consists
> > of
> >> > one Windows 2000 Server Domain Controller and four Windows 2000
> >> Professional
> >> > workstations.
> >> >
> >> > Before adding JennyW2KP to the XYZDimensions.edu Domain, you use
> >> > the
> > Local
> >> > Group Policy MMC snap-in on JennyW2KP and configure the account
> >> > lockout
> >
> >> > policy to lock out Jennifer's local user account after three bad
> >> > logon attempts. Afterwards, you configure the Default Domain
> >> > Controllers
> > Policy
> >> to
> >> > lockout Jennifer's Domain Account after two bad logon attempts.
> >> >
> >> > What will be Jennifer's result if she attempts to logon to the
> >> > Windows
> >> 2000
> >> > Network using her Domain Logon account and providing an invalid
> >> > password both times? Select the correct answer.
> >> >
> >> >       A Jennifer will be locked out of the Windows 2000 Network for
> >> >       a
> >> > configured amount of time designated by the administrator.
> >> >
> >> >       B Jennifer will be allowed three more logon attempts to the
> > Windows
> >> > 2000 Network because the Local Group Policy and Default Domain
> > Controllers
> >> > Policy cumulatively allow her five bad logon attempts.
> >> >
> >> >       C Jennifer will be allowed one more logon attempt to the
> >> >       Windows
> >> 2000
> >> > Professional machine because the Local Group Policy allows her
> >> > three bad logon attempts.
> >> >
> >> >       D Jennifer will be allowed one more logon to the Windows 2000
> >> Network
> >> > because the Local Group Policy overrides the Group Policy.
> >> >
> >> >
> >> > Correct answer:
> >> >
> >> >       B Jennifer will be allowed three more logon attempts to the
> > Windows
> >> > 2000 Network because the Local Group Policy and Default Domain
> > Controllers
> >> > Policy cumulatively allow her five bad logon attempts.
> >> >
> >> >
> >> > Explanation:
> >> >
> >> > Jennifer is using a Domain User account, which is impacted by the
> > settings
> >> > the administrator configured in the Default Domain Controllers
> >> > Policy.
> >> >
> >> >
> >> > My question is, since she is not logging on to a domain controller,
> >> > I thought she wouldn't be affected by the default doamin
> >> > controllers
> > policy,
> >> > therefore, her account should be locked out.
> >> >
> >> > Am I way off base here or is this a bad question?
> >> >
> >> > --
> >> > I may not be fully certified, but I am fully certifiable.
> >> >
> >> >
> >> >
> >>
> >>
> >
> >
>
> kb article 259576
>
> --
> Neil
> "you'd do what, to who, for how many biscuits?"
What? No link? Tsk,tsk. http://tinyurl.com/2l4mg