Account Lockout Problems

G

Guest

Hi There!

The following Account Lockout Policies have been defined in our Windows 2000
Active Directory Domain (through Default Domain Policy):

Account lockout duration: 15 minutes
Account lockout threshold: 5 invalid logon attempts
Reset account lockout counter after: 15 minutes

Therefore, based on the above policy settings, any user is getting locked
out after 5 invalid password attempts. But based on the policy definition the
account has to be auto unlocked after 15 minutes, but it is not happening.
Does anyone has any idea as to why this could be happening and how to resolve
this?

Regards

Arif
 
T

Tim Macaulay[MSFT]

Hello,

If you are seeing the account as Locked inside of Active Directory after
the Reset Account Lockout Counter time has passed, then have the user
login. The user should be able to login, which will force the UI in AD to
update. This is by design!

Cheers,
Tim Macaulay, MCSD, MCSD.NET, MCAD, MCP
Microsoft Developer Support ADSI
This posting is "AS IS" with no warranties, and confers no rights.

http://mact312.sts.winisp.net/programming/default.aspx

ADSI Start Page:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adsi/adsi/a
ctive_directory_service_interfaces_adsi.asp

System.DirectoryServices Portal
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dsportal/ds
portal/directory_services_portal.asp
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

all accounts locked out !!! 4
Group policy, Item Account lockout duration 1
Accounts getting locked out after 1 invalid logon attempt 3
Help on Account Lockout 5
Question on Account Lockout - Urgent 2
NT4 server lockout policy in win2k domain 3
Account Policy 3
Account lockout not happening 1

Top