I’m sure you are familiar with the following articles discussing the Federated account lockouts and AD FS Extranet Smart Lockout (ESL) feature and set up recommendations. https://blogs.technet.microsoft.com/tspring/2017/01/20/federated-to-microsoft-cloud-and-account-lockouts/ https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/configure-ad-fs-extranet-smart-lockout-protection https://samilamppu.com/2018/07/09/w2016-adfs-smart-lockout/ Recently was helping the customer whose environment was experiencing high volume of on-premises AD accounts lockouts due to the external bad passwords attempts via AD FS … Continue reading AD FS 2016 Extranet Smart Lockout behavior
Tag: Password
PowerShell script to collect AD FS 2016 bad password sign in attempts data
There is an excellent blogpost about federated to Microsoft Cloud accounts lockouts data collection, analysis and mitigation. The article above provides links to the scripts collecting event logs data for Windows Server 2008 R2, 2012 and 2012 R2. But in Windows Server 2016 there were audit enhancements made in AD FS 2016 auditing to make … Continue reading PowerShell script to collect AD FS 2016 bad password sign in attempts data