When away from desk account gets locked

Ade

May 5, 2004
Archived from groups: microsoft.public.win2000.active_directory

Hello all,

Win2k server/pro, Outlook2k3

We have just implemented an account lockout policy. A user's NT account is
locked after 3 invalid attempts for 30 mins. Two times since then, when a
laptop user has been away from the desk at lunch, they have returned to
their desk and found the account to be locked, even though no one has
accessed their machine. Would you happen to know why this would happen?
Any help much appreciated.
 
Guest

Ade,

Just a general tip: you do not necessarily want to go with three bad
attempts before lock out. You might want to consider something like seven
or eight or maybe even 10 bad attempts before lock out. The whole point
behind this is to stop the hacker who is trying to brute force this. Shoot,
it might take two or three tries before the user thinks to check to see if
'Caps Lock' is on.......

Now, is that laptop user logged on someplace else as well (er, with the old
password)?

You might want to consider looking at the ALTools from the MS web site.
There are several really neat tools that are a part of this package.

--
Cary W. Shultz
Roanoke, VA 24012
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com



"ade" <noone@somewhere.net> wrote in message
news:O$aCYUzdFHA.1456@TK2MSFTNGP15.phx.gbl...
> Hello all,
>
> Win2k server/pro, Outlook2k3
>
> We have just implemented an account lockout policy. A user's NT account is
> locked after 3 invalid attempts for 30 mins. Two times since then, when a
> laptop user has been away from the desk at lunch, they have returned to
> their desk and found the account to be locked, even though no one has
> accessed their machine. Would you happen to know why this would happen?
> Any help much appreciated.
>
>
 
Guest

ade wrote:

> Hello all,
>
> Win2k server/pro, Outlook2k3
>
> We have just implemented an account lockout policy. A user's NT account is
> locked after 3 invalid attempts for 30 mins. Two times since then, when a
> laptop user has been away from the desk at lunch, they have returned to
> their desk and found the account to be locked, even though no one has
> accessed their machine. Would you happen to know why this would happen?
> Any help much appreciated.

Check to see if the user has any mapped drives and a recently changed
password where the mapped drive is still using the old password and causing
the lockout.
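
Both replies point at another machine or mapped drive still presenting the old password. As an added example (not part of the thread), the Python below counts logon failures per source machine in the window before each lockout, which shows whether the failures came from the laptop or from somewhere else. The events, host names, CSV layout and 30-minute window are constructed assumptions; the event IDs are the Windows 2000 security-log IDs for logon failure (529, 675, 681) and account lockout (644).

```python
import csv
import io
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample events: time, event ID, account, source machine.
SAMPLE_LOG = """\
2005-06-20 09:02:11,529,jsmith,LAPTOP07
2005-06-20 12:10:00,681,jsmith,DESKTOP12
2005-06-20 12:15:00,681,jsmith,DESKTOP12
2005-06-20 12:15:30,675,mjones,LAPTOP03
2005-06-20 12:20:00,681,jsmith,DESKTOP12
2005-06-20 12:20:00,644,jsmith,DESKTOP12
"""
FAILURE_IDS = {"529", "675", "681"}  # Windows 2000 logon-failure events
LOCKOUT_ID = "644"                   # Windows 2000 account-locked-out event

def parse(text):
    """Return (time, event_id, account, source) tuples from the CSV text."""
    rows = []
    for row in csv.reader(io.StringIO(text)):
        if len(row) != 4:
            continue  # skip blank or malformed lines
        ts, event_id, account, source = (field.strip() for field in row)
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        rows.append((when, event_id, account.lower(), source.upper()))
    return rows

def lockout_sources(text, account, window_minutes=30):
    """For each lockout of `account`, count failures per source machine
    in the preceding window (the window length is an assumption)."""
    rows = parse(text)
    account = account.lower()
    report = []
    for when, event_id, acct, _ in rows:
        if event_id != LOCKOUT_ID or acct != account:
            continue
        start = when - timedelta(minutes=window_minutes)
        counts = Counter(
            src for ts, eid, a, src in rows
            if eid in FAILURE_IDS and a == account and start <= ts <= when
        )
        report.append((when, counts.most_common()))
    return report

if __name__ == "__main__":
    for when, sources in lockout_sources(SAMPLE_LOG, "jsmith"):
        print(when, sources)
```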