|
|
| Davduke 2004-04-14, 2:12 pm |
| Hi ,
I have a domain and everyday some user get their profile lockout ,I checked all policy and the maximum password age is 30 days instead of 42 (default) do you think it could affect ? if no please give me a hand | |
| curiousgeorge 2004-04-14, 2:30 pm |
| Is this happening to the same user or all users?
Also, what are the settings for the account lockout policy?
How many times are they logging in when they get locked out?
Sounds like it's user error to me. | |
| Davduke 2004-04-14, 4:20 pm |
| ok ,
the account lockout duration 0
treshold 4
reset account lockout counter 240
most of the time it happens to various users
like 3 to 5 users a day,
win2k platform
thanks a lot ! | |
| MistyRing 2004-04-15, 5:15 am |
| 3-5 out of how many in total? | |
| enforcer 2004-04-15, 6:57 am |
| Is it the same users each time, or different ones?
does it happen at the same time each day, or just throughout the day?
do you have enough licences on the server that contains the profiles for all the users that need to connect? | |
| Davduke 2004-04-15, 8:28 am |
| Yes most of the time same users but not always , in the morning more often
The licences are enough for all users
thx | |
| curiousgeorge 2004-04-16, 10:22 am |
| But the biggest question is: Are they typing in the wrong password when they get locked out?
It still sounds like user error to me.
Also, you need to change the lockout settings or just get rid of them.
Currently, your settings show a lockout threshhold, but there is no lockout time (lockout duration 0). At the same time, you have the lockout counter set on 240 minutes. That means, it remembers how many times the person typed in a bad password for 240 minutes. After 240 minutes, it sets the counter back to 0.
Bottom line, you need to set the lockout duration and the reset lockout counter to the same time (i.e. set both to 60 minutes). | |
|
| quote:
Originally posted by Davduke
Hi ,
I have a domain and everyday some user get their profile lockout ,I checked all policy and the maximum password age is 30 days instead of 42 (default) do you think it could affect ? if no please give me a hand
So, every 30 days they have to change their password? Are they logging off after they change it? Do you use a utility/other method to have the users change thier password? Also, do you have a terminal server up and running that the users utilize? Are they logging out of TSC before they change their password?
Just a few things i have had trouble with in the past... Good Luck!  | |
| DaDnDe 2004-04-17, 3:57 pm |
| if its the same 3-5 people all the time try telling them to learn how to type.
it sounds to me that they are being locked out because of too many unsuccessful login attempts. |
|
|
|