actually we are implementing PrivacyIDEA with FreeRadius for one of our customer and facing a problem, that users could be locked in the integrated resolver. In our case Active Directory.
Is it possible to have one failed login counter for the resolver directory and one failed login counter for the otp?
We are offering an external service to login via OTP and don’t want that somebody external is able to lock AD accounts.
Thanks in advanced.