Good morning, I have a customer that is seeing some issues with Intruder
Lockout(s) Please see my initial message to them,

"Is the intruder lockout happening to more than one student account, or
is there just one account that seems to be getting locked out?
Are the users that are getting the lockouts contained in a specific
container, or again are they located in different containers throughout
the tree?
If we can start to see a pattern we can determine if an intruder
lockout has been set somewhere. The default time(s) for detecting
incorrect login attempts is 30 minutes, and lock account after detection
is 15 minutes.
You can check these settings in iManager by use the "Browse" feature
selecting on an "ou" and then checking the intruder detection tab.
Let me know if your seeing a pattern from the lockouts and we can move
forward from there."

This was their response back
"The school (OU) has Intruder Lockout values of 3 incorrect logins in a
30 minute interval with a 30 min reset time.
The Employee (OU) under the school has the same values per our Security
Department's SOP.
The Student (OU) has no values set on that container for Intruder
Lockout since we have a 'universal' account for student that is used at
all our schools except for one high school. The helpdesk is saying that
the number of incorrect logins for student used to be 6 or more and the
lockout time was 15 minutes. Now they are being locked out after fewer
incorrect logins and the reset time has jumped to 30 minutes. Since
there are no values for Intruder Lockout set on the Student OU or the
student account itself it appears that the Intruder Lockout values are
being inherited from the parent container, School (OU)."

Is the above a correct statement? Can the values be inherited from the
higher (parent) container?

dschaldenovell's Profile:
View this thread: