Hello All,
I am currently looking at various authentication options; one in particular is Proxy Authentication.
What I want to know is does Proxy authentication work as read only or can it write password changes and enforce password policy to the source AD user object.
Scenario: If someone logging into an account which uses AD - LDS (ADAM) as the data source (which has proxy authentication enable to the AD account) and they enter their password wrong 3 times (Based on the AD password policy). Will the account get locked out or will it simply just return an error message stating password or user id is incorrect, while leaving the account in AD unlocked. Therefore allowing the user to continue trying to enter the password as much as they want?
Same for allowing password change, does the password change have to occur on the Active Directory account directly? Or can it be written to AD-LDS and gets pushed out to the AD account via the Proxy authentication?
I know as I write this that it doesn't soundplausible but I rather have an expert tell me then make the assumption myself.
I hope my questions make sense, and any help or push in the right direction is appreciated.
Regards,
JJ