PMAdmin Fails to Set AuthAccountDenyThreshold or Timeout

ID: Q194783

The information in this article applies to:
IMPORTANT: This article contains information about editing the registry. Before you edit the registry, make sure you understand how to restore it if a problem occurs. For information about how to do this, view the "Restoring the Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help topic in Regedt32.exe.

SYMPTOMS

When you use PMAdmin to set the configuration for AuthAccountDenyTimeout and AuthAccountDenyThreshold, it fails to lock users out within the set threshold and timeout.


CAUSE

Setting the AuthAccountDeny features fails because the PMAdmin script writes the updated values to the wrong registry key using the wrong value type.


WORKAROUND

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it. If you are running Windows NT, you should also update your Emergency Repair Disk (ERD).

  1. Run Regedit.exe on the IIS computer using Personalization and Membership for authentication.


  2. Go to the following key:
    HKEY_LOCAL_MACHINE\Software\Microsoft\Site Server\3.0\P&M


  3. Click Edit, choose New, and select Key.


  4. Enter "Authentication" (without the quotation marks) as the new key name.


  5. Open the Authentication key.


  6. Click Edit, choose New, and select DWORD Value.


  7. Name the value "BadAuthsAllowed" (without the quotation marks) and set the value to the desired setting for AuthAccountDenyThreshold.


  8. Click Edit, choose New, and select DWORD Value.


  9. Name the value "BlacklistTimeout" (without the quotation marks) and set the value to the desired setting for AuthAccountDenyTimeout.


  10. Close Regedit.exe


  11. Shut down and restart the computer.



STATUS

Microsoft has confirmed this to be a problem in Site Server version 3.0.

Additional query words: 


Keywords          : 
Version           : WINNT:3.0
Platform          : winnt 
Issue type        : kbbug

Last Reviewed: July 20, 1999