Quantcast
Channel: Azure Active Directory forum
Viewing all articles
Browse latest Browse all 16000

Azure AD accounts lockout policy

$
0
0

Hi all,

we are syncing our on-premises Active Directory to Azure AD with password synchronization.

Our Active Directory account lockout policy is disabled, so even with multiple bad retries, the user is never locked.

Obviously, a user trying to connect to office 365 has typed a wrong password for many times thae a captcha.

This is the behavior of Azure AD lockout policy : https://msdn.microsoft.com/en-us/library/azure/jj943764.aspx

-------------------------------------------------------------------------------
Account Lockout
After 10 unsuccessful logon attempts (wrong password), the user will need to solve a CAPTCHA dialog as part of logon.
After a further 10 unsuccessful logon attempts (wrong password) and correct solving of the CAPTCHA dialog, the user will be locked out for a time period. Further incorrect passwords will result in an exponential increase in the lockout time period.
-------------------------------------------------------------------------------

The user account is then locked.

After reading a lot of blogs, it seems that there is two identity model : Managed accounts and federated accounts. And that the policy is applied to the managed model

http://blogs.technet.com/b/jeff_stokes/archive/2013/07/08/another-cloud-tip-federated-vs-managed-users.aspx

https://oddytee.wordpress.com/2014/10/09/office-365-password-policy/

My question is the following : Is our scenario ( ADDS replicated with password to Azure AD + ADFS) is a managed model or federated model


Regards, Samir Farhat || Datacenter Consultant || The way to share my knowledge with the communityVisit my blog : buildwindows.wordpress.com


Viewing all articles
Browse latest Browse all 16000

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>