Re: Accounts lockout policy not working as expected

From: Gary Mudgett [MSFT] (garymu_at_online.microsoft.com)
Date: 07/14/04


Date: Wed, 14 Jul 2004 12:44:32 -0400

This is actually by design. The GUI is not updated until the user actually
gets a successful logon after the 15 minutes have passed. As long as the
period has passed AD will treat the account as unlocked.

Are you saying that even after 15+ minutes have passed the user is not able
to log on successfully without an administrator unlocking the account?

Also, to ensure that the domain controller has these settings in effect,
you could run "net accounts" at a command prompt and view the output.

-- 
Gary Mudgett, MCSE, MCSA
Windows 2000/2003 Directory Services
=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

"Nathan H" <anonymous@discussions.microsoft.com> wrote in message
news:uLKCJQbaEHA.1048@tk2msftngp13.phx.gbl...
> Hi Janet
>
> > On the "Default Domain Policy" I have the following set:
> >
> > Account Lockout Duration: 15 minutes
> > Account Lockout Threshold: 5 bad logon attempts
> > Reset Account Lockout counter: 10 minutes
> >
> > If someone enters 5 bad passwords their account indeed becomes locked out,
> > but the account never automatically unlocks again. It always has to be
> > manually unlocked no matter how long I wait.  How can I get the account to
> > automatically unlock itself?
>
> ahhh...someone with similar lockout problems....see my post on it called:
>
> User log on lock out policy does not function correctly in 2003
>
> I forgot that this happens also to me.....once locked out, they stay locked
> out too :(
>
> Here though, they only have to get it wrong (or in some cases, even when
> getting it right) once for it to lock them out permanently.
>
> Regards and please post if you find anything out.
>
>
> -- 
> Nathan Harmsworth
> IT / Network Administrator
> Ysgol Bro Ddyfi (Edu)
>
>
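
Added example, not part of the original posting or any Microsoft code: a Python sketch that reads the lockout lines from "net accounts" output and decides whether an account is still effectively locked, or only carries a stale lock flag as described in the reply above. The sample output is constructed, the function names are hypothetical, and it assumes the stored lock time is the user's lockoutTime value (a FILETIME) and that a non-numeric duration such as "Never" means no automatic unlock.

```python
import re
from datetime import datetime, timedelta, timezone

# Constructed sample of "net accounts" output matching the policy quoted in the thread.
NET_ACCOUNTS_SAMPLE = """\
Lockout threshold:                                    5
Lockout duration (minutes):                           15
Lockout observation window (minutes):                 10
The command completed successfully.
"""
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

def parse_lockout_policy(text):
    """Return threshold/duration/window as ints, or None where the value is not numeric."""
    labels = {
        "threshold": r"Lockout threshold",
        "duration": r"Lockout duration \(minutes\)",
        "window": r"Lockout observation window \(minutes\)",
    }
    policy = {}
    for key, label in labels.items():
        m = re.search(label + r":\s*(\S+)", text)
        if m is None:
            raise ValueError("missing line: " + key)
        policy[key] = int(m.group(1)) if m.group(1).isdigit() else None
    return policy

def filetime_to_datetime(ft):
    """Convert a FILETIME (100 ns ticks since 1601-01-01 UTC) to a datetime."""
    return FILETIME_EPOCH + timedelta(microseconds=ft // 10)

def datetime_to_filetime(dt):
    """Inverse conversion, using integer arithmetic to avoid float rounding."""
    return ((dt - FILETIME_EPOCH) // timedelta(microseconds=1)) * 10

def effective_lock_state(lockout_time, duration_minutes, now):
    """Classify an account from its stored lock time and the policy duration."""
    if lockout_time == 0:
        return "not locked"
    if not duration_minutes:  # 0 or None (assumed "Never"): no automatic unlock
        return "locked until an administrator unlocks it"
    expires = filetime_to_datetime(lockout_time) + timedelta(minutes=duration_minutes)
    if now < expires:
        return "locked"
    return "lockout expired; stale flag clears at next successful logon"
```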

