for some reason 1 failed attempt at CrushFTP sends multiple fails to the AD server which causes users to get locked after one failed attempt.
I tried search if such option exists in configuration but couldn't find .
We have tested this repeatedly here. At no time did our login failure lock our account.
Your re either on an older version with partial files from different CrushFTP versions, or LDAP is not really doing the amount you indicated, etc. I don't know. But we cannot replicate this issue, and we have not had any other customer report it either...
I don't know how to debug this further without being able to replicate it.
I can have another build made to do some more explicit logging to track login processes, but that is all I can do.
Do you have all ldap configs deleted, except the base one...and restart CrushFTP server?
Hi Ben, thank you for creating a test lab for this, I'll try to get a maintenance window to upgrade and restart the CrushFTP server, once it will be done I'll update this thread on the results.