Skip navigation
Menu
Compute Engines

JSI Tip 1485. Can't logon to LAN because of RAS lockout?

If you have the Account Lockout feature enabled, unsuccessful attempts to logon via RAS will trigger the lockout.

To resolve the problem, apply SP4 or later.

If your RAS server is NOT a Domain Controller, run Raslock.exe to install the RAALM (Remote Access Account Lockout Manager). In Control Panel / Services, configure its' Startup to use a Domain Admins account (any account that has the right to edit user accounts).

Use Regedt32 to navigate to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters

Edit or Add Value name MaxDenials, a type REG_DWORD, and set the data value to the number of consecutive bad attempts before locking the account. A value of 0 disables RAS account lockout.

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
empty cockpit of autonomous car
What Is a Real-Time Operating System, and Who Needs One?
Mar 05, 2024
ERP button on keyboard
5 ERP Trends to Watch in 2024
Jan 17, 2024
automation key on keyboard
Storage Management as a Case Study for Network Automation Adoption
Dec 21, 2023
Abstract technology concept lighting effect on dark blue background
Top 10 Stories About Compute Engines, Linux in 2023
Dec 18, 2023