Where to ask about exchange 2007 OWA account lockout settings RRS feed

  • Question

  • I'm not sure if my question is on Exchange 2007, OWA or group policy. The issue is as follows. Users can type the wrong password and never get locked out. To fix this I configured the group policy

    Computer configuration -> Policies -> Windows Settings -> Account Policies / Account Lockout Policy

    Now if a user types the wrong password more than 5 times their AD account is locked out. However I can still log into OWA if I type the correct password, even though the AD account is now locked out. Is there something else I need to configure ? We don't want attackers to have the ability to constantly try passwords and when they get the right one get in. Similarly if a staff member leaves and we disable their account we don't want them to be able to login and access email/GAL.

    Friday, June 22, 2012 8:19 AM