Server 2008 password policy lockout

I need to implement a password policy for a network, this includes a lock out policy. I am wondering how admin's are addressing a lock out policy. If for instance I set a lockout policy to lock the account for 30 minutes after 3 invalid login attempts then if the user changes their password but fails to change it in email on their phone then the phone will obviously try to connect to the server with the wrong password and lock out the account.
Any suggestions
LVL 6
Sid_FAsked:
Who is Participating?
 
Will SzymkowskiSenior Solution ArchitectCommented:
If you are only concerned about the phone's that are using active sync you can create or modify the default "Exchange ActiveSync Mailbox Policy".

- Open the EMC
- Expand Organization Config, select Client Access
- Right click the Default Policy (or create a new one), select Properties
- Click on the Password tab
- Change the Number of failed attempts to something higher then your password policy in AD

Thanks

Will.
0
 
Sikhumbuzo NtsadaSenior IT TechnicianCommented:
I usually leave mine to 0, so that the change is instantaneous.
0
 
Sid_FAuthor Commented:
I'm not sure what you mean about it being instantaneous how does this relate to my question about the phone locking out the account?
0
 
VirastaRUC Tech Consultant Commented:
Hi,

Check this...

Account Lockout Best Practices White Paper  
http://www.microsoft.com/en-us/download/details.aspx?id=6218

Hope that helps :)
0
 
Sid_FAuthor Commented:
Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.