I had thought that you meant that it locks it correctly when AD is used, but not when AD is uninvolved. If the password AD is being restored after 30 minutes, I expect that's occurring on the AD side of things. I can't think of a way that AR System would be influencing that situation. You may want to check with your AD admins.
According to a Google search, there are three options in AD: http://www.windowsecurity.com/articles/implementing-troubleshooting-account-lockout.html The three policy settings are: Account lockout duration - How long (in minutes) a locked-out account remains locked-out (range is 1 to 99,999 minutes). Account lockout threshold - How many failed logons it will take until the account becomes locked-out (range is 1 to 999 logon attempts). Reset account lockout counter after - How long (in minutes) it takes after a failed logon attempt before the counter tracking failed logons is reset to zero (range is 1 to 99,999 minutes). Sounds like you have the first option is set to 30 minutes. -David J. Easter Manager of Product Management, AR System BSM & Atrium Solutions Management BMC Software, Inc. The opinions, statements, and/or suggested courses of action expressed in this E-mail do not necessarily reflect those of BMC Software, Inc. My voluntary participation in this forum is not intended to convey a role as a spokesperson, liaison or public relations representative for BMC Software, Inc. -----Original Message----- From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Easter, David Sent: Thursday, August 30, 2012 7:43 AM To: [email protected] Subject: Re: AD Account Lock-OUT via Remedy >From the documentation (Configuration Guide): To set a maximum number of bad passwords, enter the number in the Max Number of Password Attempts field in the AR System Administration: Server Information form (Configuration tab). To turn the feature off (unlimited number of bad passwords allowed), set the number to 0 (the default). -David J. Easter Manager of Product Management, AR System BSM & Atrium Solutions Management BMC Software, Inc. The opinions, statements, and/or suggested courses of action expressed in this E-mail do not necessarily reflect those of BMC Software, Inc. My voluntary participation in this forum is not intended to convey a role as a spokesperson, liaison or public relations representative for BMC Software, Inc. -----Original Message----- From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Bhupesh Gupta Sent: Thursday, August 30, 2012 7:37 AM To: [email protected] Subject: AD Account Lock-OUT via Remedy I am looking for any ideas on how to implement/set up account lockup for multiple unsuccessful login failures. We are on version ARS 7.604 SP2 Examples: In Active directory when user tries to enter inalid passowrd for the number of times specified on AD side ,then system will lock user account automatically. In our remedy is AD authenticated, user can enter 10 times invalid passwords ( login unsuccessful) still 11th time user can enter the right passowrd and system will allow user to login successfully. How do we lockout the user for unsuccessful logins ( 4 timmes may be).Any suggestions.. Regards, Bhupesh Gupta _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are" _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are" _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"
