ActiveSync / Exchange 2010 Lockout Policy


Recommended Posts

Hi -

Can anyone offer any insight or best practices to prevent ActiveSync from locking out a persons AD account when their password changes and they neglect to update it on their wireless device? We require passwords to be changed after x number of days. Many clients are instructed to do so on their workstations, but often forget to make these changes on their iPhones or Droids causing account lockouts. Since clients in my environment have multiple wireless devices (which sometimes get passed around or locked away), I would like to keep them from causing a "global" lockout. What I had in mind is perhaps the following: set activesync to retry only x amount of times before "giving up" for 5 minutes and perhaps after 3 attempts of this it stops trying entirely until they contact the help desk. Domain lockout of course would occur after x+1 failed attempts.

Any help or advice you could provide would be greatly appreciated.

The Kat

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.