Is it best practice to use account lockout policy

Similar Messages

• Is account lockout policy still best practice

  Windows Server 2008 r2 (will be moving to 2012 r2)
  since implementing account lockout policy two days ago, we've been bombarded by calls to unlock accounts. and after a few minutes, same users get their accounts locked again.
  my question, since we are already using strong password policy (8 chars min, 90 days max to expire), at this day and age is it still best practice to rely on account lockout policy? keeping in mind the above flood of calls.

  Just to add, I think it would have been a better idea to broadcast the planned changes organization wide before implemeting something like this.
  Place to check that we usually check and possibly good to let people know:
  Desktops
  Extra Laptops that may not be on site
  Mobile phone Exchange accounts or Office 365 hybrid ADFS accounts
  WIFI profiles on laptops, iPads, other tablets, mobile phones, etc
  Locked workstations that have not been logged off
  Services using a user account or with old credentials - usually I see devs doing this
  Mapped Drives with explicit permissions
  Current running RDP/RDS sessions
  Scheduled Tasks with old credentials
  VPN connections
  etc
  Troubleshooting account lockout the Microsoft PSS way
  http://blogs.technet.com/b/instan/archive/2009/09/01/troubleshooting-account-lockout-the-pss-
  Account Lockout and Management Tools
  http://www.microsoft.com/en-us/download/details.aspx?id=18465way.aspx
  Ace Fekay
  MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
  Microsoft Certified Trainer
  Microsoft MVP - Directory Services
  Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
  This posting is provided AS-IS with no warranties or guarantees and confers no rights.

• What are the best practices for using the enhancement framework?

  Hello enhancement framework experts,
  Recently, my company upgraded to SAP NW 7.1 EhP6.  This presents us with the capability to use the enhancement framework.
  A couple of senior programmers were asked to deliver a guideline for use of the framework.  They published the following statement:
  "SAP does not guarantee the validity of the enhancement points in future releases/versions. As a result, any implemented enhancement points may require significant work during upgrades. So, enhancement points should essentially be used as an alternative to core modifications, which is a rare scenario.".
  I am looking for confirmation or contradiction to the statement  "SAP does not guarantee the validity of enhancement points in future releases/versions..." .  Is this a true statement for both implicit and explicit enhancement points?
  Is the impact of activated explicit and implicit enhancements much greater to an SAP upgrade than BAdi's and user exits?
  Is there any SAP published guidelines/best practices for use of the enhancement framework?
  Thank you,
  Kimberly
  Edited by: Kimberly Carmack on Aug 11, 2011 5:31 PM

  Found an article that answers this question quite well:
  [How to Get the Most From the Enhancement and Switch Framework as a Customer or Partner - Tips from the Experts|http://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/c0f0373e-a915-2e10-6e88-d4de0c725ab3]
  Thank you Thomas Weiss!

• Best practice to use MediaPlayer?

  Is the best practice to use attributes of MediaPlayer (such as playing) or to request the PlayTrait and read its playState attribute?
  (This question comes from a customer.  Reposting here for the OSMF team to respond and for the benefit of the whole group.)
  Sumner Paine
  osmf product manager

  For playback use cases, I'd recommend you stick with MediaPlayer, as it's simpler to use and manages all of the trait event registration.

• Best practice for using messaging in medium to large cluster

  What is the best practice for using messaging in medium to large cluster In a system where all the clients need to receive all the messages and some of the messages can be really big (a few megabytes and maybe more)
  I will be glad to hear any suggestion or to learn from others experience.
  Shimi

  publish/subscribe, right?
  lots of subscribers, big messages == lots of network traffic.
  it's a wide open question, no?
  %

• Best practice for using common VIs

  Hi,
  I have some projects, which use some common VIs (like open/close file format and similar). What is the best practice to use these common VIs? Now I copy these to the project folders, but now I have multiple copies of some VIs, which is difficult to maintian, if I need to modify something in these common files. 
  What sould i use? Still copy, or link the common folder to my project, or use a packed project, or something else?
  Thanks

  dont know if it is the best practice but with every new project, I create a new folder in my project (right click on my computer -> new -> virtual folder) and link that virtual folder to my folder that contains all my common code (vi/ctl/class) by right clicking on the newly created virtual folder and choosing "Convert to auto-populating folder".
  One downside is that if you modify one of those vis for your new application, it might break it for one of your older projects.
  I also use source code control (svn / git / mercurial / etc..) so if that happens, I can always go back to a previous working version.

• Best Practice for using multiple models

  Hi Buddies,
       Can u tell me the best practices for using multiple models in single WD application?
      Means --> I am using 3 RFCs on single application for my function. Each time i am importing that RFC model under
      WD --->Models and i did model binding seperately to Component Controller. Is this is the right way to impliment  multiple            models  in single application ?

  It very much depends on your design, but One RFC per model is definitely a no no.
  Refer to this document to understand how should you use the model in most efficient way.
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/705f2b2e-e77d-2b10-de8a-95f37f4c7022?quicklink=events&overridelayout=true
  Thanks
  Prashant

• Best practice when using Tangosol with an app server

  Hi,
  I'm wondering what is the best practice when using Tangosol with an app server (Websphere 6.1 in this case). I've been able to set it up using the resource adapter, tried using distributed transactions and it appears to work as expected - I've also been able to see cache data from another app server instance.
  However, it appears that cache data vanishes after a while. I've not yet been able to put my finger on when, but garbage collection is a possibility I've come to suspect.
  Data in the cache survives the removal of the EJB, but somewhere later down the line it appear to vanish. I'm not aware of any expiry settings for the cache that would explain this (to the best of my understanding the default is "no expiry"), so GC came to mind. Would this be the explanation?
  If that would be the explanation, what would be a better way to keep the cache from being subject to GC - to have a "startup class" in the app server that holds on to the cache object, or would there be other ways? Currently the EJB calls getCacheAdapter, so I guess Bad Things may happen when the EJB is removed...
  Best regards,
  /Per

  Hi Gene,
  I found the configuration file embedded in coherence.jar. Am I supposed to replace it and re-package coherence.jar?
  If I put it elsewhere (in the "classpath") - is there a way I can be sure that it has been found by Coherence (like a message in the standard output stream)? My experience with Websphere is that "classpath" is a rather ...vague concept, we use the J2CA adapter which most probably has a different class loader than the EAR that contains the EJB, and I would rather avoid to do a lot of trial/error corrections to a file just to find that it's not actually been used.
  Anyway, at this stage my tests are still focused on distributed transactions/2PC/commit/rollback/recovery, and we're nowhere near 10,000 objects. As a matter of fact, we haven't had more than 1024 objects in these app servers. In the typical scenario where I've seen objects "fade away", there has been only one or two objects in the test data. And they both disappear...
  Still confused,
  /Per

• Best Practice regarding using and implementing the pref.txt file

  Hi All,
  I would like to start a post regarding what is Best Practice in using and implementing the pref.txt file. We have reached a stage where we are about to go live with Discoverer Viewer, and I am interested to know what others have encountered or done to with their pref.txt file and viewer look and feel..
  Have any of you been able to add additional lines into the file, please share ;-)
  Look forward to your replies.
  Lance

  Hi Lance
  Wow, what a question and the simple answer is - it depends. It depends on whether you want to do the query predictor, whether you want to increase the timeouts for users and lists of values, whether you want to have the Plus available items and Selected items panes displayed by default, and so on.
  Typically, most organizations go with the defaults with the exception that you might want to consider turning off the query predictor. That predictor is usually a pain in the neck and most companies turn it off, thus increasing query performance.
  Do you have a copy of my Discoverer 10g Handbook? If so, take a look at pages 785 to 799 where I discuss in detail all of the preferences and their impact.
  I hope this helps
  Best wishes
  Michael Armstrong-Smith
  URL: http://learndiscoverer.com
  Blog: http://learndiscoverer.blogspot.com

• Best Practice for Using Static Data in PDPs or Project Plan

  Hi There,
  I want to make custom reports using PDPs & Project Plan data.
  What is the Best Practice for using "Static/Random Data" (which is not available in MS Project 2013 columns) in PDPs & MS Project 2013?
  Should I add that data in Custom Field (in MS Project 2013) or make PDPs?
  Thanks,
  EPM Consultant
  Noman Sohail

  Hi Dale,
  I have a Project Level custom field "Supervisor Name" that is used for Project Information.
  For the purpose of viewing that "Project Level custom field Data" in
  Project views , I have made Task Level custom field
  "SupName" and used Formula:
  [SupName] = [Supervisor Name]
  That shows Supervisor Name in Schedule.aspx
  ============
  Question: I want that Project Level custom field "Supervisor Name" in
  My Work views (Tasks.aspx).
  The field is enabled in Task.aspx BUT Data is not present / blank column.
  How can I get the data in "My Work views" ?
  Noman Sohail

• Best practice for use of spatial operators

  Hi All,
  I'm trying to build a .NET toolkit to interact with Oracles spatial operators. The most common use of this toolkit will be to find results which are within a given geometry - for example select parish boundaries within a county.
  Our boundary data is high detail, commonly containing upwards of 50'000 vertices for a county sized polygon.
  I've currently been experimenting with queries such as:
  select
  from
  uk_ward a,
  uk_county b
  where
  UPPER(b.name) = 'DORSET COUNTY' and
  sdo_relate(a.geoloc, b.geoloc, 'mask=coveredby+inside') = 'TRUE';
  However the speed is unacceptable, especially as most of the implementations of the toolkit will be web based. The query above takes around a minute to return.
  Any comments or thoughts on the best practice for use of Oracle spatial in this way will be warmly welcomed. I'm looking for a solution which is as quick and efficient as possible.

  Thanks again for the reply... the query currently takes just under 90 seconds to return. Here are the results from the execution plan ran in sql*:
  Elapsed: 00:01:24.81
  Execution Plan
  Plan hash value: 598052089
  | Id | Operation | Name | Rows | Bytes | Cost (%CPU)| Time |
  | 0 | SELECT STATEMENT | | 156 | 46956 | 76 (0)| 00:00:01 |
  | 1 | NESTED LOOPS | | 156 | 46956 | 76 (0)| 00:00:01 |
  |* 2 | TABLE ACCESS FULL | UK_COUNTY | 2 | 262 | 5 (0)| 00:00:01 |
  | 3 | TABLE ACCESS BY INDEX ROWID| UK_WARD | 75 | 12750 | 76 (0)| 00:00:01 |
  |* 4 | DOMAIN INDEX | UK_WARD_SX | | | | |
  Predicate Information (identified by operation id):
  2 - filter(UPPER("B"."NAME")='DORSET COUNTY')
  4 - access("MDSYS"."SDO_INT2_RELATE"("A"."GEOLOC","B"."GEOLOC",'mask=coveredby+i
  nside')='TRUE')
  Statistics
  20431 recursive calls
  60 db block gets
  22432 consistent gets
  1156 physical reads
  0 redo size
  2998369 bytes sent via SQL*Net to client
  1158 bytes received via SQL*Net from client
  17 SQL*Net roundtrips to/from client
  452 sorts (memory)
  0 sorts (disk)
  125 rows processed
  The wards table has 7545 rows, the county table has 207.
  We are currently on release 10.2.0.3.
  All i want to do with this is generate results which fall in a particular geometry. Most of my testing has been successful i just seem to run into issues when querying against a county sized polygon - i guess due to the amount of vertices.
  Also looking through the forums now for tuning topics...

• Best practices on using EVALUATE functions

  hi, experts,
  I wanna know what is the best practices on using EVALUATE functions on obiee (calling oracle user defined functions)
  I found that if I use evaluate functions in Answers,
  obiee will construct a sql behind and then execute.
  sometimes, obiee contructs some unexpected sqls, and returns errors.
  so, is it better to use EVALUATE functions in logical columns ?
  thanks

  EVALUATE('DB_Function(%1)' as returntype, {Comma separated Expression})
  even when used in Logical columns, its gonna fire the same sql.

• What is the best practice for using the Calendar control with the Dispatcher?

  It seems as if the Dispatcher is restricting access to the Query Builder (/bin/querybuilder.json) as a best practice regarding security.  However, the Calendar relies on this endpoint to build the events for the calendar.  On Author / Publish this works fine but once we place the Dispatcher in front, the Calendar no longer works.  We've noticed the same behavior on the Geometrixx site.
  What is the best practice for using the Calendar control with Dispatcher?
  Thanks in advance.
  Scott

  Not sure what exactly you are asking but Muse handles the different orientations nicely without having to do anything.
  Example: http://www.cariboowoodshop.com/wood-shop.html

• Best practice to use PXE on 802.1X network ?

  Hello,
  We use Cisco ISE 1.2.0.899 on our network (we plan to upgrade to 1.3 in some months).
  Our network includes Cisco models 2960S (and some 2960T) about wired and 2602I (with WISM2) about wireless.
  We have to allow PXE boot on one (or many) VLAN.
  Do you know what's the best practice to use PXE on a 802.1X network ?
  Does ISE and/or Switch can recognize PXE request?
  Do we have to use settings/rules into ISE or on Switch?
  Does the easy way is to allow PXE on WebAuth VLAN?
  Regards,
  Chris

  I am in a similar position.
  We would prefer to keep all switch ports common, even those used for imaging from scratch.
  For PXE as far as I can see we need to allow the port to quickly fail 802.1X and MAB to a remediation VLAN.
  Using ISE we can apply an ACL that allows PXE bootp and dhcp requests and responses along with any other traffic we want in that network i.e. access to internet proxy server, anti-virus updates for posturing etc.
  I haven't configured this yet so I'm not sure of what issues we'll face with timing. We currently use an auth pattern of 802.1X first, then MAB, then fail open to the static VLAN. With ISE 1.3 this is the supposed suggested method instead of a hard "closed" mode. 
   switchport access vlan XX
   switchport mode access
   network-policy VV
   ip access-group ACL-ALLOW in
   authentication event fail action next-method
   authentication event server dead action reinitialize vlan XX
   authentication event server dead action authorize voice
   authentication host-mode multi-domain
   authentication open
   authentication order dot1x mab
   authentication priority dot1x mab
   authentication port-control auto
   authentication periodic
   authentication violation restrict
   mab
   dot1x pae authenticator
   dot1x timeout tx-period 10

• Best practice to use Tortoise SVN with LV

  Can anyone recommend what is the best practice to use and structure the project using TSVN with LV? I have seen the jki tool and have also read about some issues of linkage when using TSVN with LV as posted on the forum here. I suppose these linkage issues still exists? Other than perforce is there any suggestion on source control that integrates well with LV?
  TIA
  CLD,CTD

  We use Tortoise SVN with LV and it works very good. It's not integrated in that i cannot from within LV check in and out stuff, i have to do that in the Explorer. That's not a problem to me.
  SVN is a very good source and version control regardless.
  One small issue with external handling is if you want to change an already used and active filename. In LV you can save to another filename and references will update, but ofcourse SVN doesn't pick up on that automagically. There are two solutions to this:
  1. When you check in, you'll get 1 added and 1 deleted file, select both, r-click and "Repair move".
  2. After changing the filename in LV, change it back in explorer and r-click the file for a SVN rename and rename it to the new name.
  /Y
  LabVIEW 8.2 - 2014
  "Only dead fish swim downstream" - "My life for Kudos!" - "Dumb people repeat old mistakes - smart ones create new ones."
  G# - Free award winning reference based OOP for LV