Does anyone know of a method (reg hack, GPO, etc) that can limit the number of times a user account can be used to login locally before being disabled? (Win2000/XP)

I know that such a method exists, as I have observed it in use before, eg. a certain account was set up to allow the user to login locally 3 times, then automatically disable the account after that.

I require such a method to enable temporary user accounts that I do not wish to limit to a particular time-frame, but rather usage frame.

Ideally, there would be such a method that could be set locally (using Local Computer Policy), so I could enable it on certain desktops only.

Any advice from other network administrators/gurus would be appreciated

I've only seen that option with Active Directory myself.. not saying that its impossible for local logins though, but to say the least =)

No need to hack around in registry (or anywhere else for that matter:P). Go to Administrative Tools menu. click on Local Security Policy. In the mmc that pops up, under Security Settings\Account Policies you find Account Lockout Policy. This is similar to both Win 2k as well as XP.