I have a web application that can use LDAP authentication that I can use ADAM for. I would like the user to only need one password for domain resources and this web application. To this end I could use the BindProxy to pass the authentication on to the Active Directory servers. However, I do not want a user to be able to lock their production domain account because they mis-typed their username and password in the web application. Therefore, is it possible to configure ADAM in such a way that after so many bad password attempts (bind failures), that it either locks the ADAM BindProxy or no longer forwards to the Active Directory domain controller? I know that normal ADAM account lockouts are determined by the local machine settings but I do not know if this applies to the BindProxy accounts. Therefore, I need to know what governs the account lockout for BindProxy accounts defined in ADAM.

Regards,

Fred D.