Is this correct so far? And if so, at the next attempt the account enters a valid password, again to DC2, the new values will be:
PDCe1=0 DC2=0 DC3=0 DC4=0 I’d expect the new values to be PDCe1=2 DC2=0 DC3=1 DC4=1 I can’t think of why the successful login with chain to the PDCe, which is what would decrement its’ local count. Thanks, Brian Desmond w – 312.625.1438 | c – 312.731.3132 From: [email protected] [mailto:[email protected]] On Behalf Of Christopher Bodnar Sent: Monday, May 16, 2016 2:05 PM To: [email protected] Subject: [NTSysADM] badPwdCount clarification Can someone clarify this for me, a little confused on this. Let’s say I have 4 domain controllers (all 2008 R2) in a single site (PDCE1, DC2, DC3, DC4). And let’s say account lockout is set to 5, and there are no RODCs in the environment. Here are the various badPwdCount values on the domain controllers for a test account: PDCe1=1 DC2=2 DC3=1 DC4=1 If the test account enters another bad password, the logon sever that services the request (say DC2) will increment by 1, as well as the PDCe1. So the new values will be: PDCe1=2 DC2=3 DC3=1 DC4=1 Is this correct so far? And if so, at the next attempt the account enters a valid password, again to DC2, the new values will be: PDCe1=0 DC2=0 DC3=0 DC4=0 Or will they be: PDCe1=0 DC2=0 DC3=1 DC4=1 So should the value get reset on all domain controllers, or just the PDCE and the DC servicing the request? Thank you, Christopher Bodnar Enterprise Architect II, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 [email protected]<mailto:> [cid:[email protected]] The Guardian Life Insurance Company of America www.guardianlife.com<http://www.guardianlife.com/> ________________________________ ----------------------------------------- This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you.
