ADFS 2016 Extranet smart lockout doesn't work without WAP? with O365 RRS feed

  • Question

  • Team,

    I have deployed ADFS 2016 with Office 365 and enabled the Extranet Smart Lockout Feature, I haven't deployed WAP and ADFS is facing the internet directly. I have tried to login using UPN and with bad password. It locks my AD account. Which shouldn't happen. As per the below blog post, it is mentioned that there is trouble with Extranet Soft lockout if WAP is not deployed and as per my understanding Extranet Smart lockout is also an extension to the feature of 2012 hence this shouldn't work if WAP is not present.


    Please clarify

    Tuesday, October 23, 2018 4:52 AM


  • Extranet Lockout Policy, as the name suggests it, works only for Extranet clients. And this works ONLY of you are using a WAP (or a MS-ADFSPIP compliant device).

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    • Proposed as answer by Jorrk Wednesday, October 24, 2018 6:02 AM
    • Marked as answer by Qureshi Aquib Thursday, October 25, 2018 3:21 PM
    Tuesday, October 23, 2018 1:08 PM