Secedit Example: Windows Account Lockout: 15/10/10
| 1 Votes |
Description
Configure Windows Account Lockout Policy (for Workstation or Member Servers, not Domain Controllers).
15 bad attempts in 10 minutes triggers 10 minute lockout.
Property Details
| 27000 | |
| Beta - Preliminary testing ready for more | |
| Secedit Example: Windows Account Lockout: 15/10/10 | |
| BESC | |
| Internal | |
| 4/10/2023 12:00:00 AM | |
| windows, security policy, account, account lockout | |
| JasonWalker on 4/10/2023 4:29:51 PM | |
| JasonWalker on 4/10/2023 4:29:51 PM | |
| 674 Views / 2 Downloads | |
* Average over 0 ratings.
** Log In or Register to add your rating.
|
Relevance
isWindows (Relevance 1172)
windows of operating system
if exists property "in proxy agent context" then not in proxy agent context else true
| Used in 1 fixlet | * Results in a true/false |
/* no domain controllers */ product type of operating system = nt workstation product type or product type of operating system = nt server product type
| Used in 1 fixlet | * Results in a true/false |
(account lockout duration of it / minute != 10 or account lockout observation window of it /minute != 10 or account lockout threshold of it != 15) of security database
Actions
Action 1 (default)
Action Link Click
here to deploy this action.
Script Type
BigFix Action Script
action uses wow64 redirection {not x64 of operating system}
delete __createfile
createfile until BIGFIX_EOF_MARKER
[Unicode]
Unicode=yes
[System Access]
LockoutBadCount = 15
ResetLockoutCount = 10
LockoutDuration = 10
[Version]
signature="$CHICAGO$"
Revision=1
BIGFIX_EOF_MARKER
delete tempdb.sdb
delete tempcfg.inf
move __createfile tempcfg.inf
waithidden secedit.exe /configure /cfg tempcfg.inf /db tempdb.sdb
continue if {exit code of action = 0}
Success Criteria
This action will be considered successful when the applicability relevance evaluates to false.
Sharing
| Social Media: |
