+ Post New Thread
Results 1 to 7 of 7
Windows Thread, Stopping an Account locking out in Technical; Challenge unless im being exceptionaly dumb!!! I have a windows 2003 network with normal password etc an account lockout rule ...
  1. #1
    jj99's Avatar
    Join Date
    Jun 2008
    Location
    Stamford
    Posts
    89
    Thank Post
    8
    Thanked 2 Times in 2 Posts
    Rep Power
    13

    Stopping an Account locking out

    Challenge unless im being exceptionaly dumb!!!

    I have a windows 2003 network with normal password etc an account lockout rule of 5 mispellings and its locked for 30 mins.

    We have recently got rid of our "adminstrator" account and replaced with anaother account however this keeps locking out as it giot a nice complicated password, does anyone know how to stop this with out removing the lockout policy.

    Ta very muchly

  2. #2

    Join Date
    Apr 2007
    Location
    Croydon
    Posts
    497
    Thank Post
    18
    Thanked 31 Times in 30 Posts
    Rep Power
    20

    Wink

    How have you got the lockout policy set through group policy? Is it on the default domain or default domain controller policy?

    What about putting it on the the OU where you user accounts are and put the accounts you don't want to apply the policy to in a seperate OU?

  3. #3

    maniac's Avatar
    Join Date
    Feb 2007
    Location
    Kent
    Posts
    3,037
    Thank Post
    209
    Thanked 425 Times in 306 Posts
    Rep Power
    144
    If you put the accounts you don't want this rule to apply to in a seperate OU, and block policy inheritance, that will do the trick. That's what we do for service accounts and the like that we don't want our normal policies to apply to.

    Mike.

  4. #4
    jj99's Avatar
    Join Date
    Jun 2008
    Location
    Stamford
    Posts
    89
    Thank Post
    8
    Thanked 2 Times in 2 Posts
    Rep Power
    13
    I thought you could have only password rule for the whole domain? Or is that just the password complexity policy?

    Ill try the diffrent group policys tomorrow then we had kept it the "users" ou so it didnt get to many gp's just incase they caused an issue in the future

    My 2003 admins course seems such a long time ago....

  5. #5

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,154
    Thank Post
    114
    Thanked 527 Times in 450 Posts
    Blog Entries
    2
    Rep Power
    123
    You might also want to revisit the lockout policy - there's some evidence that the default 5/30 is not very helpful. If someone is trying an automated hacking tool then they're likely to make hundreds of attempts and (unless you have very weak passwords) they won't get in with just 5 attempts.

    You could also try changing your complex password to a complex phrase - this can be long, with punctuation marks and numbers but easier (perhaps!) to remember and type :-)

  6. #6
    User3204's Avatar
    Join Date
    Aug 2006
    Location
    Wirral
    Posts
    769
    Thank Post
    55
    Thanked 66 Times in 62 Posts
    Rep Power
    34
    We had to increase the normal 5 logons failure upwards, as our students kept holding down the enter key at the logon screen, and this would block the previous user.

    I think it's upto 15 attempts in 15 minutes, which seemed to stop this, especially as the caching applies to 3 logons, so after three attempts our logon box "thinks" before checking.

  7. #7
    HMCTech's Avatar
    Join Date
    Apr 2008
    Posts
    618
    Thank Post
    37
    Thanked 48 Times in 35 Posts
    Rep Power
    22
    Quote Originally Posted by User3204 View Post
    We had to increase the normal 5 logons failure upwards, as our students kept holding down the enter key at the logon screen, and this would block the previous user.
    Could you not go into secpol.msc > Local Policies > Security Options > Do not display last username Enable?

SHARE:
+ Post New Thread

Similar Threads

  1. Zimbra AD Account Email Account Link
    By kmount in forum *nix
    Replies: 10
    Last Post: 4th June 2011, 03:14 PM
  2. One Or Zero locking out Administrator
    By WithoutMotive in forum How do you do....it?
    Replies: 0
    Last Post: 15th September 2008, 12:26 PM
  3. locking os x down on network
    By mac_shinobi in forum Mac
    Replies: 6
    Last Post: 23rd January 2008, 07:16 PM
  4. Locking Powerpoint
    By andy in forum Windows
    Replies: 9
    Last Post: 26th September 2006, 08:51 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •