Big savings, Better ROI! Exclusive discounts on ManageEngine Products!* Boost your business *T&C apply
    Click here to shrink
    Click here to expand Click here to expand

    Configure AD FS servers for auditing - Configure extranet lockout

    Log in to the AD FS server with Domain Admin credentials. Open Windows PowerShell, and execute the below command:
    Set-AdfsProperties -EnableExtranetLockout $true -ExtranetLockoutThreshold <Threshold_value> -ExtranetObservationWindow (New-Timespan -Minutes <time_in_minutes>)

    In the above command, set appropriate values for:

    • <Threshold_value>, an integer value that defines the maximum number of bad password attempts.
    • <time_in_minutes>, the time in minutes that determines how long the user account will be soft-locked out for.

    Note: Extranet lockout settings can be configured only if an AD FS proxy is used in your environment. The AD FS proxy server need not be configured in the ADAudit Plus console.

    Don't see what you're looking for?


      Visit our community

      Post your questions in the forum.


      Request additional resources

      Send us your requirements.


      Need implementation assistance?

      Try onboarding


    On this page

    Get download link