From LedHed's Wiki
Jump to: navigation, search
Line 6: Line 6:
 
[[File:PCIDSS AccountLockout.png]]
 
[[File:PCIDSS AccountLockout.png]]
  
''Note: "Reset account lockout counter after" setting is required when you enable "Account lockout duration" There is no PCI requirement for this setting.''
+
''Note: When you enable "Account lockout duration" Group Policy requires "Reset account lockout counter after" be enabled, This is not a PCI requirement, but rather a dependency imposed by Microsoft.''
  
  

Revision as of 22:22, 13 March 2014

Overview

This article illustrates how to implement PCI DSS v3 Section 8.1 via Windows Group Policy.

Settings

The only 8.1 requirements that can be set via group policy are Sections: 8.1.6 and 8.1.7. See the image below.
PCIDSS AccountLockout.png

Note: When you enable "Account lockout duration" Group Policy requires "Reset account lockout counter after" be enabled, This is not a PCI requirement, but rather a dependency imposed by Microsoft.


Reference

PCI DSS Quick Reference

https://www.pcisecuritystandards.org/documents/PCI_DSS_v3.pdf