Lockout Duration was not set

PPan 1 Reputation point
2022-09-26T04:16:27.067+00:00

If the lockout threshold=5 invalid logon attempts
reset lockout counter = 1440 minutes
Lockout duration = -1 (not set)

If the lockout duration was not set, what will happen or impact to the Lockout threshold and reset lockout counter?

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,866 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,005 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Gary Reynolds 9,396 Reputation points
    2022-09-26T10:45:12.097+00:00

    Hi @PPan

    Have a look at this post which explains how the three option interact to control the lockout behavior

    https://specopssoft.com/blog/active-directory-account-lockout-policy/

    Gary.


  2. Limitless Technology 44,016 Reputation points
    2022-09-28T07:29:50.947+00:00

    Hi PPan-9056,

    Please refer to the following link for information about lockout policies within Group Policy:

    https://learn.microsoft.com//windows/security/threat-protection/security-policy-settings/account-lockout-policy

    I hope this answers your question.

    -------------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept as answer--

    0 comments No comments