Account Lockout is not working
Gundamtdk
Member Posts: 210
I have setup a GPO with an account lockout of 1.
Applied the GPO to the OU with one workstation.
Yet the computer is not locking out after one attempts.
What am I doing wrong?
Applied the GPO to the OU with one workstation.
Yet the computer is not locking out after one attempts.
What am I doing wrong?
Comments
-
mwgood
Member Posts: 293
Try running rsop.msc on the workstation to see if your GPO was actually applied. -
dynamik
Banned Posts: 12,312 ■■■■■■■■■□
Password policies have to be configured at the domain level. If you configure them at the OU, they only apply to local accounts. -
sprkymrk
Member Posts: 4,884 ■■■□□□□□□□
If you apply Account Lockout at a level other than the domain level, it only applies to local accounts, not domain accounts.
Create a local user on that computer and try it with his account, it should work.
Dynamic did you edit your reply while I was replying? Didn't see a mention of local accounts on your at first.
All things are possible, only believe. -
Gundamtdk
Member Posts: 210
Then I should be editing the Domain Default Policy in Group Policy Management?
-
gojericho0
Member Posts: 1,059 ■■■□□□□□□□
Gundamtdk wrote:Then I should be editing the Domain Default Policy in Group Policy Management?
Yup and make sure you are not blocking inheritance on your Domain Controllers OU. I had this problem in production trying to apply this at the OU level, and it took me about a week to figure out why it wasn't working -
whume
Registered Users Posts: 1 ■□□□□□□□□□
I know this thread is kind of old however I have run into this issue with another admin setting up the policy incorrectly and I have made the changes to reflect the policy in the default domain policy. The issue is I am still only seeing this affect local accounts. Any help would be appreciated.
Thanks,
