Windows does not track bad password attempts when offline. We were locking users out but not honoring the lockout duration.
Autobuild-User: Jim McDonough <jmcd@samba.org>
Autobuild-Date: Wed May 25 18:11:10 CEST 2011 on sn-devel-104
}
- /* User does *NOT* know the correct password, modify info3 accordingly */
+ /* User does *NOT* know the correct password, modify info3 accordingly, but only if online */
+ if (domain->online == false) {
+ goto failed;
+ }
/* failure of this is not critical */
result = get_max_bad_attempts_from_lockout_policy(domain, state->mem_ctx, &max_allowed_bad_attempts);