Hi,
I am doing some experiments with the account lockout password policy. The account is locked out after many wrong password tries.
Then
If I bind with the correct password, the result is
#<OpenStruct extended_response=nil, code=19, error_message="Exceed password retry limit. Please try later.", matched_dn="", message="Constraint Violation">
If I bind with the wrong password, the result is
#<OpenStruct extended_response=nil, code=49, error_message="", matched_dn="", message="Invalid Credentials">
So an attacker can still continue to try/guess different passwords until he gets the result of: code=19, error_message="Exceed password retry limit. Please try later.".
Thank you.
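
A minimal model of the behaviour reported above, added here as an example and not taken from the post or from any directory server's code: it contrasts a bind routine that compares the password before consulting the lockout state with one that checks lockout first, and tests whether a locked account answers differently for right and wrong passwords. `MAX_RETRIES`, `Account`, and all function names are hypothetical; the result codes and messages are the ones quoted in the post.

```ruby
MAX_RETRIES = 3 # assumed lockout threshold for this model

# Constructed in-memory account; stands in for a directory entry.
Account = Struct.new(:password, :failures) do
  def locked?
    failures >= MAX_RETRIES
  end
end

Result = Struct.new(:code, :message, :error_message)

LOCKED  = Result.new(19, "Constraint Violation",
                     "Exceed password retry limit. Please try later.")
INVALID = Result.new(49, "Invalid Credentials", "")
SUCCESS = Result.new(0, "Success", "")

# Ordering that reproduces the post: the password is compared first and the
# lockout state is consulted only when it matches.
def bind_password_first(acct, password)
  unless acct.password == password
    acct.failures += 1
    return INVALID
  end
  return LOCKED if acct.locked?
  acct.failures = 0
  SUCCESS
end

# Hardened ordering: a locked account is refused before the supplied
# password is examined, so the answer cannot depend on it.
def bind_lockout_first(acct, password)
  return LOCKED if acct.locked?
  if acct.password == password
    acct.failures = 0
    return SUCCESS
  end
  acct.failures += 1
  INVALID
end

# True when a locked account returns different results for the correct and
# an incorrect password, i.e. lockout does not stop password verification.
def lockout_oracle?(bind, secret = "constructed-secret")
  right = send(bind, Account.new(secret, MAX_RETRIES), secret)
  wrong = send(bind, Account.new(secret, MAX_RETRIES), "not-the-secret")
  [right.code, right.error_message] != [wrong.code, wrong.error_message]
end
```

The same comparison of `code` and `error_message` can serve as a regression check against a test directory after a password-policy change.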