Resolving account lockouts on Windows Home Server

The Windows Home Server uses local user accounts to control who can access it’s shared folders.  At times, these accounts may get locked out for one reason or another, preventing you from accessing the shared folders or even the server itself.  This post will outline the common fixes to user account lockouts on a Windows Home Server:

  • Bad Cached Credentials – You may have saved a bad password at one point when Windows prompted you for credentials.  To correct bad saved credentials:
    • START | RUN | rundll32.exe keymgr.dll, KRShowKeyMgr
    • Select the saved credential that is likely causing the lock out (usually one that has the home server name or IP listed)
    • You can now EDIT to update the password or REMOVE to delete the cached credentital
  • Passwords are out of sync – Usually you will get some sort of error message indiciating a password mismatch.  If so, do the following to correct:
    • Right click on your home server tray icon and choose UPDATE PASSWORD (if it’s greyed out, then your passwords are not out of sync)
    • Follow the wizard to sync your passwords
  • Incorrect LAN Manager Authentication – If you are using one of the newer operating systems (ex. Vista or Windows 7), the way you authenticate to the Home Server may result in an account lock out.  These newer operating systems use NTLMv2 to communicate to network shares while the Home Server uses NTLM only.  You can either change every newer operating system or the home server (or both) to be able to convert NTLMv2 to NTLM if needed.  To do so:
    • Logon to the home server or the target computer
    • START | RUN | secpol.msc
    • Local Policies | Security Options | Network Security: LAN Manager Authentication
    • Set to NTVLM2 responses only to LM and NTLM – use NTLMV2 session security if negotiated