Set 'Account lockout threshold' to 1-10 invalid login attempts Problems

Thomas Sherlock 20 Reputation points
2025-02-03T10:50:03.18+00:00

Hi All,

We are struggling to resolve tickets on our Azure Defender security recommendations when they reference greyed-out options in the "Group Policy", for example:

Account Lockout Duration (greyed out): we cannot set the limit from 0-10 ...

GROUP POLICY :

Computer Configuration\Policies\Windows Settings\Security Settings\Account Policies\Account Lockout Policy\Account lockout threshold

REGISTRY ITEM :

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\AccountLockout

Are the two items above equivalent...

I have investigated using a different account (not my personal one), moreover an admin account, and this also appears not to have the relevant privileges. I have also changed the registry to absorb the change but am not getting very far.

Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud

Accepted answer
  1. Fady Samy 155 Reputation points
    2025-02-04T05:06:25.5333333+00:00

    Hello,

    Please try the following solutions:

    Option 1: Check GPO Enforcement via Group Policy Management

    If this is a domain-joined machine:

    1. Open Group Policy Management (gpmc.msc).
    2. Locate the applied Group Policy Object (GPO) for the affected machine under:
      Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Account Policies -> Account Lockout Policy
    3. If the settings are enforced at the domain level, you cannot change them locally.
    4. To modify, you need Domain Admin rights to edit the applicable GPO in Active Directory.

    Option 2: Use secpol.msc for Local Security Policy (If Not Domain-Joined)

    If this is a workgroup or standalone machine, try:

    1. Run secpol.msc (Local Security Policy).
    2. Navigate to:
      Security Settings -> Account Policies -> Account Lockout Policy

    Option 3: Verify Using RSOP (Resultant Set of Policy)

    To check the applied policies:

    1. Open Command Prompt (Admin) and run:
      gpresult /h C:\GPOReport.html
    2. Open the generated GPOReport.html file to see which GPO is enforcing the policy.

    Option 4: Check Permissions & Registry Lockdown

    If you’re using an admin account and still cannot modify settings:

    • Try running Group Policy Editor as SYSTEM:
    psexec -i -s mmc
    • If you must modify via the registry (not recommended for GPO-enforced settings):

    1. Take ownership of HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\AccountLockout.
    2. Grant Full Control permissions to administrators.
    3. Modify the registry values.
    4. Reboot the system to apply changes.

    Thanks,

    1 person found this answer helpful.
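
A read-only check to go with Options 1 to 3 above, as an added example that is not part of the original answer: it exports the effective security policy with secedit, reads the lockout values, and reports whether the threshold falls in the 1-10 range the recommendation asks for. The function name Get-LockoutPolicy and the temporary file name are assumptions introduced here; run it from an elevated PowerShell prompt.

```powershell
# Added example: report the effective Account Lockout Policy on this machine.
# It reads the security policy through secedit, not the
# RemoteAccess\Parameters\AccountLockout registry key, and changes nothing.

function Get-LockoutPolicy {
    # Temporary export file (name constructed for this example).
    $cfg = Join-Path $env:TEMP ("secpol_{0}.inf" -f [guid]::NewGuid())
    try {
        secedit /export /cfg $cfg /areas SECURITYPOLICY /quiet | Out-Null
        if ($LASTEXITCODE -ne 0 -or -not (Test-Path $cfg)) {
            throw "secedit export failed (exit code $LASTEXITCODE); is the prompt elevated?"
        }
        $policy = @{}
        foreach ($line in Get-Content -Path $cfg) {
            # The [System Access] section holds lines such as "LockoutBadCount = 5".
            if ($line -match '^\s*(LockoutBadCount|LockoutDuration|ResetLockoutCount)\s*=\s*(-?\d+)') {
                $policy[$Matches[1]] = [int]$Matches[2]
            }
        }
        return $policy
    }
    finally {
        Remove-Item -Path $cfg -ErrorAction SilentlyContinue
    }
}

$cs        = Get-CimInstance -ClassName Win32_ComputerSystem
$policy    = Get-LockoutPolicy
$threshold = $policy['LockoutBadCount']

"Domain joined     : {0} ({1})" -f $cs.PartOfDomain, $cs.Domain
"Lockout threshold : $threshold"
# Duration and reset counter may be missing from the export when the threshold is 0.
"Lockout duration  : $($policy['LockoutDuration']) minute(s)"
"Reset counter     : $($policy['ResetLockoutCount']) minute(s)"

if ($null -eq $threshold) {
    "LockoutBadCount was not found in the export."
} elseif ($threshold -ge 1 -and $threshold -le 10) {
    "Threshold is within the 1-10 range."
} else {
    "Threshold is outside the 1-10 range (0 means accounts are never locked out)."
}

if ($cs.PartOfDomain) {
    "Domain-joined: edit the GPO that sets the policy; 'gpresult /h' shows which one applies."
} else {
    "Not domain-joined: the value can be changed in secpol.msc."
}
```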
