|
server
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Active Directory and ClusteringHi,
I have two users that try to sign into the network in the mornings and get a message that their account has been locked out. This happens the first time that they try to sign on. (We have account lockout at 3 tries). We are using 2 Windows 2000 Advanced Server clustered together. I tried to use GP to audit account login failures which shows nothing to give me a clue to whats going on. Has anybody heard or have gone through something like this? PS. No clues in the event viewer either. Thanks for any help! MCorn MCorn wrote:
> Hi, Try to use these tools to track the cause:> I have two users that try to sign into the network in the mornings and get a > message that their account has been locked out. This happens the first time > that they try to sign on. (We have account lockout at 3 tries). We are using > 2 Windows 2000 Advanced Server clustered together. I tried to use GP to audit > account login failures which shows nothing to give me a clue to whats going > on. Has anybody heard or have gone through something like this? > http://www.microsoft.com/downloads/details.aspx?FamilyID=7af2e69c-91f3-4e63-8629-b999adde0b9e&DisplayLang=en I don't know what cluster has to do with it in this scenario. MS and others have suggested that an account lockout threshold of 50 is more
appropriate. This stops hackers and DOS attacks but allows the user to make many mistakes before being locked out. This should result in a safe(r) and (more) secure env but with fewer help desk calls re lockouts. neil Show quoteHide quote "Tomasz Onyszko" wrote: > MCorn wrote: > > Hi, > > I have two users that try to sign into the network in the mornings and get a > > message that their account has been locked out. This happens the first time > > that they try to sign on. (We have account lockout at 3 tries). We are using > > 2 Windows 2000 Advanced Server clustered together. I tried to use GP to audit > > account login failures which shows nothing to give me a clue to whats going > > on. Has anybody heard or have gone through something like this? > > > > Try to use these tools to track the cause: > http://www.microsoft.com/downloads/details.aspx?FamilyID=7af2e69c-91f3-4e63-8629-b999adde0b9e&DisplayLang=en > > I don't know what cluster has to do with it in this scenario. > > -- > Tomasz Onyszko > http://www.w2k.pl/blog/ - (PL) > http://blogs.dirteam.com/blogs/tomek/ - (EN) > Hi Neil,
Thanks for the information but I don't understand how 50 attempts before an account lockout is safe(r) and a more secure env than 3. Maybe I have misunderstood what you're saying and I would love to get the info that you got on this issue because...Which I totally agree with you...we all could use a few LESS help desk call! :) Thanks, MCorn Show quoteHide quote "Neil Ruston" wrote: > MS and others have suggested that an account lockout threshold of 50 is more > appropriate. This stops hackers and DOS attacks but allows the user to make > many mistakes before being locked out. > > This should result in a safe(r) and (more) secure env but with fewer help > desk calls re lockouts. > > neil > > > > > "Tomasz Onyszko" wrote: > > > MCorn wrote: > > > Hi, > > > I have two users that try to sign into the network in the mornings and get a > > > message that their account has been locked out. This happens the first time > > > that they try to sign on. (We have account lockout at 3 tries). We are using > > > 2 Windows 2000 Advanced Server clustered together. I tried to use GP to audit > > > account login failures which shows nothing to give me a clue to whats going > > > on. Has anybody heard or have gone through something like this? > > > > > > > Try to use these tools to track the cause: > > http://www.microsoft.com/downloads/details.aspx?FamilyID=7af2e69c-91f3-4e63-8629-b999adde0b9e&DisplayLang=en > > > > I don't know what cluster has to do with it in this scenario. > > > > -- > > Tomasz Onyszko > > http://www.w2k.pl/blog/ - (PL) > > http://blogs.dirteam.com/blogs/tomek/ - (EN) > > "More secure" meaning more secure than no lockout at all :)
MS paper here: http://www.microsoft.com/downloads/details.aspx?FamilyID=8c8e0d90-a13b-4977-a4fc-3e2b67e3748e&DisplayLang=en neil Show quoteHide quote "MCorn" wrote: > Hi Neil, > Thanks for the information but I don't understand how 50 attempts before an > account lockout is safe(r) and a more secure env than 3. Maybe I have > misunderstood what you're saying and I would love to get the info that you > got on this issue because...Which I totally agree with you...we all could use > a few LESS help desk call! :) > > Thanks, > MCorn > > > "Neil Ruston" wrote: > > > MS and others have suggested that an account lockout threshold of 50 is more > > appropriate. This stops hackers and DOS attacks but allows the user to make > > many mistakes before being locked out. > > > > This should result in a safe(r) and (more) secure env but with fewer help > > desk calls re lockouts. > > > > neil > > > > > > > > > > "Tomasz Onyszko" wrote: > > > > > MCorn wrote: > > > > Hi, > > > > I have two users that try to sign into the network in the mornings and get a > > > > message that their account has been locked out. This happens the first time > > > > that they try to sign on. (We have account lockout at 3 tries). We are using > > > > 2 Windows 2000 Advanced Server clustered together. I tried to use GP to audit > > > > account login failures which shows nothing to give me a clue to whats going > > > > on. Has anybody heard or have gone through something like this? > > > > > > > > > > Try to use these tools to track the cause: > > > http://www.microsoft.com/downloads/details.aspx?FamilyID=7af2e69c-91f3-4e63-8629-b999adde0b9e&DisplayLang=en > > > > > > I don't know what cluster has to do with it in this scenario. > > > > > > -- > > > Tomasz Onyszko > > > http://www.w2k.pl/blog/ - (PL) > > > http://blogs.dirteam.com/blogs/tomek/ - (EN) > > > Hi,
Thanks for the information! I'm going to try the account lockout tool. As far as the clustering, I didn't think it had anything to do with it either but the more information the better when it comes to troubleshooting. I thought something concerning replication between the servers or something like that. Once again Thanks! MCorn Show quoteHide quote "Tomasz Onyszko" wrote: > MCorn wrote: > > Hi, > > I have two users that try to sign into the network in the mornings and get a > > message that their account has been locked out. This happens the first time > > that they try to sign on. (We have account lockout at 3 tries). We are using > > 2 Windows 2000 Advanced Server clustered together. I tried to use GP to audit > > account login failures which shows nothing to give me a clue to whats going > > on. Has anybody heard or have gone through something like this? > > > > Try to use these tools to track the cause: > http://www.microsoft.com/downloads/details.aspx?FamilyID=7af2e69c-91f3-4e63-8629-b999adde0b9e&DisplayLang=en > > I don't know what cluster has to do with it in this scenario. > > -- > Tomasz Onyszko > http://www.w2k.pl/blog/ - (PL) > http://blogs.dirteam.com/blogs/tomek/ - (EN) > 
Other interesting topics
|
|||||||||||||||||||||||
