Big savings, Better ROI! Exclusive discounts on ManageEngine Products!* Boost your business *T&C apply

Home

Related Products
ADManager Plus

Active Directory Management & Reporting
Download | Demo
ADSelfService Plus

Self-Service Password Management
Download | Demo
EventLog Analyzer

Real-time Log Analysis & Reporting
Download | Demo
Exchange Reporter Plus

Exchange Server Auditing & Reporting
Download | Demo
AD360

Integrated Identity & Access Management
Download | Demo
Log360

Comprehensive SIEM and UEBA
Download | Demo

Click here to expand

Configure AD FS servers for auditing - Configure extranet lockout

Log in to the AD FS server with Domain Admin credentials. Open Windows PowerShell, and execute the below command:
Set-AdfsProperties -EnableExtranetLockout $true -ExtranetLockoutThreshold <Threshold_value> -ExtranetObservationWindow (New-Timespan -Minutes <time_in_minutes>)

In the above command, set appropriate values for:

<Threshold_value>, an integer value that defines the maximum number of bad password attempts.
<time_in_minutes>, the time in minutes that determines how long the user account will be soft-locked out for.

Note: Extranet lockout settings can be configured only if an AD FS proxy is used in your environment. The AD FS proxy server need not be configured in the ADAudit Plus console.

Don't see what you're looking for?

Visit our community

Post your questions in the forum.
Request additional resources

Send us your requirements.
Need implementation assistance?

Try onboarding

Help Document

Configure AD FS servers for auditing - Configure extranet lockout

Don't see what you're looking for?

Visit our community

Request additional resources

Need implementation assistance?

On this page