Overview #
Intruder Detection happens when a
Digital Identity that has failed to login so many times that the account has been "intruder detected" or
Account Lockout.
Intruder Detection is a Policy typically within the password Policy
The implementation of Intruder Detection varies by the LDAP Server Implementations.
Intruder Detection is usually not implemented the same as when an Digital Identity is Administratively Disabled.
Draft-behera-ldap-password-policy defines the
Intruder Lockout Check Policy Decision Point and is the closest thing to a standard. Several
LDAP Server Implementations provide at least partial support but no known comprehensive list has been determined.
eDirectory uses a method referred to as
Locked By Intruder
Active Directory Account Lockout method for locking accounts|Active Directory Account Lockout].
There is a
User-Account-Control Attribute that shows if the account is in
LOCKOUT condition.
There might be more information for this subject on one of the following: