Anyconnect maximum failed login attempts on LDAP Windows database

orsonjoon
Level 1
Level 1

‎08-01-2012 04:32 AM - edited ‎02-21-2020 06:14 PM

Hello,

I just can't seem to find the setting for Web and client Anyconnect to set the maximum failed login attempts when on Windows database LDAP.

I would like that after maximum 3 failed login attempts the possebility to login again times out for say 10 minutes.

At this moment it's possible to login as often as you would like, which is a big security issue.

Please, I can use some help to get this done, many thanks in advance.

Best,

Orson

Labels:
0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎08-01-2012 07:18 AM

I don't think this can be configured in AnyConnect or on the ASA. They both rely on the settings on the Windows server. One can set this behavior there. (reference)

View solution in original post

0 Helpful

Tarik Admani
VIP Alumni
VIP Alumni
In response to Marvin Rhoads

‎08-01-2012 07:49 AM

Marvin,

If you were interested to see how to configure this in AD here are the steps if you are running in a windows 2008 functional domain.

http://technet.microsoft.com/en-us/library/cc770842%28v=ws.10%29.aspx

Thanks,

Tarik Admani
*Please rate helpful posts*

View solution in original post

0 Helpful

Javier Portuguez
Level 9
Level 9
In response to Tarik Admani

‎08-01-2012 08:57 AM

Hi there,

This indeed is not a feature the ASA controls, the AAA server is the one in charge of it.

Thanks.

View solution in original post

0 Helpful

orsonjoon
Level 1
Level 1
In response to Javier Portuguez

‎08-02-2012 12:19 AM

Allright, thanks guys, this was the direction to go, many thanks again....

0 Helpful