Hello all
Our Domain policy for account lockouts is set to the below settings. Our AD environment is running in at 2003 native for the DFL and FFL. AD is spread accross two seperate physical sites, each AD site has 2 local DC\GC. All DC's are running 2008 R2 sp1. What we are noticing is a user will get locked out after only 1 or 2 bad password attemps. I also noticed that the DC's that are locking the accounts out are located in a remote AD site from the clients workstation. The DC's that are showing the accounts being locked out are running all the FSMO role. What could be causing this to happen?
| Policy | Setting |
|---|---|
| Account lockout duration | 15 minutes |
| Account lockout threshold | 5 invalid logon attempts |
| Reset account lockout counter after | 15 minutes |
Bulls on Parade
