RE: Limit number of Logon attempts



Hello Bob,

Thank you for posting to the SBS Newsgroup.

I understand that you want to adjust the logon attempts through Group
Policy. If I have misunderstood your concern, please let me know.

Thanks a lot for Owen's information sharing!

Yes, Owen is right. By default in SBS, we have an Account Lockout policy
and it is configured to lock out the account for 10 minutes. This means that
after 10 minutes, you can log on if you input the correct password.

The Default settings in Account Lockout Policy are:
Account Lockout Duration: 10 minutes
Account Lockout Threshold: 50 invalid logon attempts
Reset account lockout counter after: 10 minutes.

Please see the following steps:

1. On the SBS Server, go to Start -> Run, type "gpmc.msc" (without
quotation marks) and press Enter.
2. Expand to Forest\Domains\Yourdomain.local\Group Policy Objects\Small
Business Server Lockout Policy.
3. Right click Small Business Server Lockout Policy and select Edit.
4. Expand to Computer Configuration\Windows Settings\Security
Settings\Account Policies\Account Lockout Policy.
5. On the right pane, double click "Account lockout threshold" and adjust
the logon attempts per your requirement.
6. Click OK.
7. Apply the GPO to the OU.
8. On the SBS Server, go to Start -> Run, type "gpupdate /force" (without
quotation marks).
9. Ask the clients to log off and log on to test if it works.

[NOTE]: The account will be unlocked automatically after 10 minutes. You
can also log on as the administrator or a delegated user account to unlock
the account. To do so:

a. In Server Management, click Users.

b. On the right pane, right-click the locked out account and click
Properties.

c. On the Account tab, clear "Account is locked out" and click OK.

I also found the following KB articles for your future reference:

315585 Troubleshooting account lockout problems in Windows Server 2003
http://support.microsoft.com/?id=315585

306771 "Access Denied" Error Message After You Configure a Windows Server
2003
http://support.microsoft.com/?id=306771

837332 You cannot use a blank password to log on to a Windows 2003-based
http://support.microsoft.com/?id=837332

Hope it helps! If you have any further questions or concerns on this issue,
please feel free to let me know. I am looking forward to hearing from you!

Best regards,

Brandy Nee

Microsoft CSS Online Newsgroup Support

This posting is provided "AS IS" with no warranties, and confers no rights.
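
An added check, not part of the original post: after the `gpupdate /force` in step 8, the effective lockout values can be read on the server with `net accounts` and compared with what was set in the GPO. The output sample is constructed and abridged, using the defaults quoted in the post; the function names and `wanted_threshold` are assumptions of this example.

```python
# Constructed, abridged sample of `net accounts` output, using the default
# values quoted in the post (threshold 50, duration 10, counter reset 10).
SAMPLE = """\
Force user logoff how long after time expires?:       Never
Minimum password length:                              7
Lockout threshold:                                    50
Lockout duration (minutes):                           10
Lockout observation window (minutes):                 10
Computer role:                                        PRIMARY
The command completed successfully.
"""

# Labels printed by `net accounts` mapped to the short keys used below.
FIELDS = {
    "Lockout threshold": "threshold",
    "Lockout duration (minutes)": "duration",
    "Lockout observation window (minutes)": "window",
}

def parse_lockout(text):
    """Return the three lockout values; None marks a non-numeric value."""
    policy = {}
    for line in text.splitlines():
        label, sep, value = line.rpartition(":")
        key = FIELDS.get(label.strip())
        if sep and key:
            value = value.strip()
            policy[key] = int(value) if value.isdigit() else None
    missing = set(FIELDS.values()) - policy.keys()
    if missing:
        raise ValueError(f"fields not found: {sorted(missing)}")
    return policy

def check_lockout(policy, wanted_threshold):
    """Compare the effective policy with the threshold set in the GPO."""
    findings = []
    t, d, w = policy["threshold"], policy["duration"], policy["window"]
    if t is None:
        findings.append("lockout is disabled: threshold is not a number")
    elif t != wanted_threshold:
        findings.append(f"threshold is {t}, expected {wanted_threshold}")
    # The counter-reset window must not be longer than the lockout duration.
    if d is not None and w is not None and w > d:
        findings.append(f"reset window {w} min exceeds duration {d} min")
    return findings

if __name__ == "__main__":
    result = check_lockout(parse_lockout(SAMPLE), wanted_threshold=5)
    print("\n".join(result) or "lockout policy matches")
```
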



--------------------
From: "Bob Massey" <bob.massey@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Limit number of Logon attempts
Date: Mon, 19 Jun 2006 15:48:28 -0700

Running SBS2003 Standard. I know there is a setting for the max number of
logon attempts prior to locking individuals out. But I have been unable to
find it. Could someone point me to the location? Is it global only or can
you set it by user? i.e. Admin account etc.

Thanks,

Bob