Section 28: Security Options (Interactive Logon)
28.03 Machine Account Lockout Threshold (Maximum)
The maximum desired value for the Interactive logon: Machine account lockout threshold security option.
28.03 Machine Account Lockout Threshold (Minimum)
The minimum desired value for the Interactive logon: Machine account lockout threshold security option.
28.04 Machine Inactivity Limit
Determines the maximum desired value for the Interactive logon: Machine inactivity limit security option as the number of seconds of inactivity before a user's session locks by invoking the screen saver. This setting only applies to Windows 2012, Windows 8, and above.
28.05 Logon Message Text
The desired value for the Interactive logon: Message text for users attempting to log on security option. When empty, the benchmark ensures that a value is set and displays a result type of manual validation required. When this value is set the value must match exactly.
28.06 Logon Message Title
The desired value for the Interactive logon: Message title for users attempting to log on security option. When empty, the benchmark ensures that a value is set and displays a result type of manual validation required. When this value is set the value must match exactly.
28.07 Number Of Cached Logons (Workstations)
Determines the maximum desired value for the Interactive logon: Number of previous logons to cache (in case domain controller is not available) security option as the number of logons to cache to allow a user to log on to a Windows domain by using cached account information on workstation operating systems.
28.07 Number Of Cached Logons (Servers)
Determines the maximum desired value for the Interactive logon: Number of previous logons to cache (in case domain controller is not available) security option as the number of logons to cache to allow a user to log on to a Windows domain by using cached account information on server operating systems. This does not apply to domain controllers.
28.08 Prompt Password Change Before Expiration (Minimum)
Determines the minimum desired value for the Interactive log on: Prompt the user to change passwords before expiration security option as the number of days in advance users are warned that their passwords are about to expire.
28.08 Prompt Password Change Before Expiration (Maximum)
Determines the maximum desired value for the Interactive log on: Prompt the user to change passwords before expiration security option as the number of days in advance users are warned that their passwords are about to expire.