Hi all,
we are syncing our on-premises Active Directory to Azure AD with password synchronization.
Our Active Directory account lockout policy is disabled, so even with multiple bad retries, the user is never locked.
Obviously, a user trying to connect to Office 365 has typed a wrong password many times, then a CAPTCHA.
This is the behavior of the Azure AD lockout policy:
https://msdn.microsoft.com/en-us/library/azure/jj943764.aspx
-------------------------------------------------------------------------------
Account Lockout
After 10 unsuccessful logon attempts (wrong password), the user will need to solve a CAPTCHA dialog as part of logon.
After a further 10 unsuccessful logon attempts (wrong password) and correct solving of the CAPTCHA dialog, the user will be locked out for a time period. Further incorrect passwords will result in an exponential increase in the lockout time period.
-------------------------------------------------------------------------------
The user account is then locked.
After reading a lot of blogs, it seems that there are two identity models: managed accounts and federated accounts, and that the policy is applied to the managed model.
https://oddytee.wordpress.com/2014/10/09/office-365-password-policy/
My question is the following: is our scenario (ADDS replicated with password to Azure AD + ADFS) a managed model or a federated model?
Regards, Samir Farhat || Datacenter Consultant || The way to share my knowledge with the community || Visit my blog: buildwindows.wordpress.com