INFO: Undocumented "Net Accounts" Switches

ID: Q194739

The information in this article applies to:

Microsoft Windows NT Workstation version 4.0
Microsoft BackOffice Small Business Server versions 4.0, 4.0a
Microsoft Windows NT Server version 4.0
Microsoft Windows NT Server, Enterprise Edition version 4.0
Microsoft Windows 2000 Server
Microsoft Windows 2000 Professional

SUMMARY

The NET ACCOUNTS command modifies password and logon requirements for all accounts, and can synchronize the user accounts database. The Netlogon service must be running on the computer where you are changing account settings.

MORE INFORMATION

To display the utility's documented parameters, type net accounts /? at the command prompt. The documented parameters are:


   NET ACCOUNTS [/FORCELOGOFF:{minutes | NO}] [/MINPWLEN:length]

                [/MAXPWAGE:{days | UNLIMITED}] [/MINPWAGE:days]
                [/UNIQUEPW:number] [/DOMAIN]

To synchronize a domain user account database, at the command prompt type:

NET ACCOUNTS /SYNC

However, the following parameters are not documented:

/LOCKOUTTHRESHOLD:<number of failed attempts>

This parameter allows you to configure the number of failed logon attempts before the account is locked. The range is 1 to 999.

/LOCKOUTDURATION:<minutes>

This parameter specifies the number of minutes accounts remain locked before automatically becoming unlocked. The range is 1 to 99999.

/LOCKOUTWINDOW:<minutes>

This parameter lets you configure the maximum number of minutes between two consecutive failed logon attempts before an account is locked. The range is 1 to 99999.

NOTE: Failed logon attempts on workstations or member servers that are secured using either Lock Workstation, or a screensaver using password protection, do not increment the account lockout setting entered via the NET ACCOUNTS command.


Keywords          : ntdomain 
Version           : Windows:4.0,4.0a; WinNT:4.0,5.0
Platform          : winnt 
Issue type        : kbinfo

Last Reviewed: February 23, 1999