The discovery of this info, from 'net accounts,' ultimately worked for me, and I was able to write a script that quickly displayed the Lockout policy info. Here is the output from 'net accounts':..
PS C:\Users\Freemium> net accounts
Force user logoff how long after time expires?: 0
Minimum password age (days): 1
Maximum password age (days): 60
Minimum password length: 14
Length of password history maintained: 24
Lockout threshold: 3
Lockout duration (minutes): 15
Lockout observation window (minutes): 15
Computer role: WORKSTATION
The command completed successfully.
This code snippet was created to get the info into a variable:
$lockoutObj = net accounts | Select-string threshold
$lockoutStr = $lockoutObj.ToString()
$lockoutStr -match '\d{1,3}' | out-null
$LO_threshold = $matches[0]
PS C:\Users\Freemium> echo $LO_threshold
3
If you need to set the lockout threshold use this command (elevated priv. needed):
PS C:\Users\Freemium> net accounts /lockoutthreshold:10
The command completed successfully
PS C:\Users\Freemium> net accounts
Force user logoff how long after time expires?: 0
Minimum password age (days): 1
Maximum password age (days): 60
Minimum password length: 14
Length of password history maintained: 24
Lockout threshold: 10
Lockout duration (minutes): 15
Lockout observation window (minutes): 15
Computer role: WORKSTATION
The command completed successfully.
There are the options:
NET ACCOUNTS
[/FORCELOGOFF:{minutes | NO}] [/MINPWLEN:length]
[/MAXPWAGE:{days | UNLIMITED}] [/MINPWAGE:days]
[/UNIQUEPW:number] [/DOMAIN]
You just change lockouttreshold to /maxpwage:20 and thats it.
No comments:
Post a Comment