Account Lockout Tab
You can set up a account lockout policy for the directory using the Account Lockout tab.
Accounts may be locked out. Select this option to enable account lockout because of repeated login failures. Clear this checkbox if you do not want users to be locked out of the directory after a series of failed bind attempts.
Lockout account after X login failures. Specify the number of times a user can fail to bind before they are locked out of the directory. Valid values are 1 to 32,767 attempts. This option is available only if account lockout is enabled.
Reset failure count after X minutes. Indicates the amount of time that must elapse before the failure counter is reset. This option is available only if account lockout is enabled. Valid values are 1 to 35,791,394 minutes.
Lockout forever. Select this option to indicate that user accounts that have been locked must be reset by the administrator before users can access the directory. If you select this option, you cannot set a lockout duration.
Lockout duration X minutes. Select this option to indicate the amount of time a user will be locked out of the directory after a series of failed bind attempts. If you select this option, you must enter a number of minutes in the text box. Valid values are 1 to 35,791,394 minutes. This option is available only if account lockout is enabled.