mattash55
asked on
Need to impliment a OWA lockout policy, AD one doesnt seem to work
Im trying to impliment a OWA policy so when external users enter the wrong credentials 3 times thier OWA/AD account gets locked out so they are unable to login to OWA (For security reasons)
I implimented a Group Policy to lockout the AD account, which works the AD account is disabled, but the users are still able to access thier Mailbox via OWA even if their accoutn is disabled. Is there a way to Lockout OWA Accounts ? I thought it would be the same as AD ?
cheers
Matthew
I implimented a Group Policy to lockout the AD account, which works the AD account is disabled, but the users are still able to access thier Mailbox via OWA even if their accoutn is disabled. Is there a way to Lockout OWA Accounts ? I thought it would be the same as AD ?
cheers
Matthew
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Are you sure that the lockout duration is not still at the standard 30 mins? I can't imagine any reason why they should be able to access OWA alone. If the lockout is initiated by IIS, though, it might take a while to take effect. It always used to, anyway.
ASKER
We have two DC`s at our site and 1 DC at the other 5 sites. We`re not using FBA, it`ll enable it and see if that solves the problem
ASKER
Hmm enabling FBA didnt seem to solve it. OWA is now prompting be for credentials when I log off from the browser :/ ideas ?
I think OWA not locking out was simply down to time, im able to log in with the disbled users account for afew mins and then it just keeps prompting and doesnt go in, so thats OK.
I think OWA not locking out was simply down to time, im able to log in with the disbled users account for afew mins and then it just keeps prompting and doesnt go in, so thats OK.
ASKER
dont worry about the Log Off box its ok now
ASKER
Cheers for the help guys, turns out it was just me being impatient :)
ASKER