[Samba] BadPwdCount Attribute. Why no replication?
Rowland Penny
rowlandpenny at googlemail.com
Tue Mar 24 10:16:26 MDT 2015
On 24/03/15 16:10, James wrote:
> Hello,
>
> With the upgrade to 4.2 I now have access the the lockout feature.
> I've learned the BadPwdCount attribute does not get replicated. Why is
> this? My understanding is one DC could have a value of '2' while another
> has '1'. Depending on what DC the user attempts to authenticate against.
> This user may be locked out after one invalid attempt if the threshold is 3.
>
Because it shouldn't be, that's why.
See: https://msdn.microsoft.com/en-us/library/ms675244%28v=vs.85%29.aspx
At the bottom, under 'Remarks'
Rowland
More information about the samba
mailing list