We have Exchange 2003 with OWA enabled.
We have noticed that some user accounts started being locked by passwords wrongly typed (OWA intusion try).
As a first workarround, we have disable user's OWA access but this was not successfull.
I know that OWA first verifies Username and Password, and then, checks if user has access to OWA.
Is there any way to make OWA first check if the user has access to it, and then, if passed, verify Username and Password? By this was, this kind of intrusion will not lock the user account anymore.
Any other suggestion is also wellcome.