Account Lockout is not working

GundamtdkGundamtdk Posts: 210Member
I have setup a GPO with an account lockout of 1.

Applied the GPO to the OU with one workstation.

Yet the computer is not locking out after one attempts.

What am I doing wrong?

Comments

  • mwgoodmwgood Posts: 293Member
    Try running rsop.msc on the workstation to see if your GPO was actually applied.
  • dynamikdynamik Posts: 12,314Banned
    Password policies have to be configured at the domain level. If you configure them at the OU, they only apply to local accounts.
  • sprkymrksprkymrk Posts: 4,884Member
    If you apply Account Lockout at a level other than the domain level, it only applies to local accounts, not domain accounts.

    Create a local user on that computer and try it with his account, it should work.


    Dynamic did you edit your reply while I was replying? Didn't see a mention of local accounts on your at first. icon_lol.gif
    All things are possible, only believe.
  • GundamtdkGundamtdk Posts: 210Member
    Then I should be editing the Domain Default Policy in Group Policy Management?
  • gojericho0gojericho0 Posts: 1,060Member
    Gundamtdk wrote:
    Then I should be editing the Domain Default Policy in Group Policy Management?

    Yup and make sure you are not blocking inheritance on your Domain Controllers OU. I had this problem in production trying to apply this at the OU level, and it took me about a week to figure out why it wasn't working icon_lol.gif
  • whumewhume Posts: 1Registered Users ■□□□□□□□□□
    I know this thread is kind of old however I have run into this issue with another admin setting up the policy incorrectly and I have made the changes to reflect the policy in the default domain policy. The issue is I am still only seeing this affect local accounts. Any help would be appreciated.

    Thanks,
Sign In or Register to comment.