JSI Tip 1134. A BDC replicates Account Lockout.
March 9, 1999
Normally, all user account replication is triggered by the PDC.
One of the exceptions to this rule is Account Lockout.
When a BDC's bad logon counter is reached, it replicates this information to the PDC. The PDC uses the normal replication interval to update each of the outdated BDCs.
You can change the replication interval by using Regedt32 to navigate to:
HKEY_LOCAL_MACHINESystemCurrentControlSetServicesNetlogonParameters
Add Value name Pulse as a type REG_DWORD. Set the data value to the replication interval, in seconds (using the decimal radix).
The default is 300 seconds (5 minutes). The maximum value is 172,800 seconds (48 hours).NOTE: Netlogon calculates a replication interval based on the workload of the domain controllers. Adding the Pulse value overrides this calculation.
About the Author
You May Also Like