Account Lockout does not work on workstations.
Last response: in Windows 2000/NT
Archived from groups: microsoft.public.win2000.group_policy (More info?)
I have 1 domain server and several workstations, running on Windows 2000
server and pros. The workstations normally log on to the local computer
instead of the domain computer( but it is joined to the domain controller
for some reasons).
Recently i've set the account lockout threshold as 3 invalid and logon
attempt , account lockout duration and reset lockout as 15 minutes. i can
see that both the local and effective settings the same now. Now the problem
is, it doesn't apply to the local computer/workstation. I know that it will
run if the workstations logs in to the domain directly. How do i set it
without logging in to the domain?
Tan.
I have 1 domain server and several workstations, running on Windows 2000
server and pros. The workstations normally log on to the local computer
instead of the domain computer( but it is joined to the domain controller
for some reasons).
Recently i've set the account lockout threshold as 3 invalid and logon
attempt , account lockout duration and reset lockout as 15 minutes. i can
see that both the local and effective settings the same now. Now the problem
is, it doesn't apply to the local computer/workstation. I know that it will
run if the workstations logs in to the domain directly. How do i set it
without logging in to the domain?
Tan.
More about : account lockout work workstations
Archived from groups: microsoft.public.win2000.group_policy (More info?)
To set account policies that will have effect on machine
local accounts, use a GPO that is linked at the OU instead
of the domain level.
--
Roger Abell
Microsoft MVP (Windows Security)
MCSE (W2k3,W2k,Nt4) MCDBA
"Lee Yew" <tanly@msee.com.my> wrote in message
news![:o]( ":o")
HNUrxoNFHA.3728@TK2MSFTNGP10.phx.gbl...
> I have 1 domain server and several workstations, running on Windows 2000
> server and pros. The workstations normally log on to the local computer
> instead of the domain computer( but it is joined to the domain controller
> for some reasons).
>
> Recently i've set the account lockout threshold as 3 invalid and logon
> attempt , account lockout duration and reset lockout as 15 minutes. i can
> see that both the local and effective settings the same now. Now the
problem
> is, it doesn't apply to the local computer/workstation. I know that it
will
> run if the workstations logs in to the domain directly. How do i set it
> without logging in to the domain?
>
> Tan.
>
>
To set account policies that will have effect on machine
local accounts, use a GPO that is linked at the OU instead
of the domain level.
--
Roger Abell
Microsoft MVP (Windows Security)
MCSE (W2k3,W2k,Nt4) MCDBA
"Lee Yew" <tanly@msee.com.my> wrote in message
news
HNUrxoNFHA.3728@TK2MSFTNGP10.phx.gbl...> I have 1 domain server and several workstations, running on Windows 2000
> server and pros. The workstations normally log on to the local computer
> instead of the domain computer( but it is joined to the domain controller
> for some reasons).
>
> Recently i've set the account lockout threshold as 3 invalid and logon
> attempt , account lockout duration and reset lockout as 15 minutes. i can
> see that both the local and effective settings the same now. Now the
problem
> is, it doesn't apply to the local computer/workstation. I know that it
will
> run if the workstations logs in to the domain directly. How do i set it
> without logging in to the domain?
>
> Tan.
>
>
Related ressources:
- ForumUsers in Win98 workstations having account locked in Activ..
- ForumConstant User Lockout
- ForumScreensaver lockout in Group Policy
- ForumAccount Lockout ...
- ForumAll accounts with administrator rights are locked out ( lockout count has been ex
- ForumAccount Lockout Script
- ForumAD accounts not being unlocked when " lockout duration" set..
- ForumLockout prbbelm under XP
- ForumAccount Policies do not appear to apply
- ForumAccount Lockout
- ForumNT Account lockout
- ForumWin2k3 + WinXPsp2 Lockout prob
- ForumHow can I prevent Domain lockout when using VPN remotely
- ForumAccount Lockout Threshold Not Working
- ForumAccount lockout , terminal services, not disconnected sessi..
- ForumDomain Default Group Policy Password lockout setting
- ForumCentralizing Account Lockout events (Event ID 539) to only..
- ForumAccount Lockout policy problem
- ForumParallel and com ports not appearing in device manager
- ForumRenaming Local Administrator Account
- More resources
!
