HKLM\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\AccountLockout\
The <domain>:<user-name> subkey in AccountLockout subkey stores the account lockout record for a user.
The system adds this subkey to the registry when a dial-in authentication attempt for the user account fails, that is, when the value of Denials for a user account is 1. The system deletes this subkey when the value of ResetTime (mins) expires, setting the value of Denials for all users back to 0.
The <domain>:<user-name> subkey is a variable representing the subkeys in the AccountLockout subkey. It doesn't actually appear in the registry. We use this variable subkey to display the entries that can appear in any AccountLockout user subkey.
Note
Account lockout prevents all dial-in access to a locked user account, not just access from the computer that submitted the failed authentication.
Tip
To disable Account Lockout or reset all user denial counts to 0 while the server is running, set the value of MaxDenials to 0. If you delete the AccountLockout subkey or the <domain>:<user-name> subkey for a user, the service does not detect the change until the system is restarted.