Is there a way to avoid a DoS attack on an Active Directory account so an attacker can’t intentionally lock out an account that is set for maybe like 7 attempts allowed?
I know you can set it to not lockout an account, but you would have to setup a mechanism to monitor number of attempts on the accounts in order to know if it is a DoS type of attack or have the account get reset after xx time.
I’m just looking to see if there is any settings or a simple way for an attacker not be able to lockout an account easily when a company policy may allow for only 7 attempts before a lockout.
Any help would be appreciated.