astrokat Posted January 24, 2012 Share Posted January 24, 2012 Hi - Can anyone offer any insight or best practices to prevent ActiveSync from locking out a persons AD account when their password changes and they neglect to update it on their wireless device? We require passwords to be changed after x number of days. Many clients are instructed to do so on their workstations, but often forget to make these changes on their iPhones or Droids causing account lockouts. Since clients in my environment have multiple wireless devices (which sometimes get passed around or locked away), I would like to keep them from causing a "global" lockout. What I had in mind is perhaps the following: set activesync to retry only x amount of times before "giving up" for 5 minutes and perhaps after 3 attempts of this it stops trying entirely until they contact the help desk. Domain lockout of course would occur after x+1 failed attempts. Any help or advice you could provide would be greatly appreciated. The Kat Link to comment Share on other sites More sharing options...
Recommended Posts