Why doesn't a user get locked out after a number of invalid password attempts greater than the domain account lockout policy?

We have an account lockout policy of 5 bad password attempts but we’re seeing users presenting bad passwords up to several thousand times in the span of 15 minutes. I’m concerned about whether the policy is active or if we have a possible brute force password attack being attempted.   After investigating this closer we…


How to get email notifications about expiring certificates from FIM CM 2010

Just stumbled over this great article on how to do this over on the Technet Wiki at http://social.technet.microsoft.com/wiki/contents/articles/9353.using-the-fim-cm-2010-notification-api.aspx. Using this example you can have email notifications sent to a mailbox or distribution list to warn about certificates that are about to expire to give the administrators time to renew them ahead of time.   Using the…