For SOX compliance, I need to have this parameter set. If I set it to 4,
there are no problems with users here at corporate headquarters.

However, I have users at another plant (same company) that is 300 miles
away. They commect via a dedicated T1 line through Citrix. With the Login
Intruder setting at 4, those users get locked out even though they type
their password right on the first try. The intruder attempt setting kicks
in and their account is disabled.

Any ideas?