I've got a weird one. Our company is implementing a policy that your account will become disabled after five login attempts. Our instance of Jamf Pro seems to submit two login attempts to our Active Directory domain when a user attempts to log in to it which therefore only gives the user three attempts to authenticate before their account gets locked in Active Directory instead of five. I haven't seen anyone else with this issue online. We previously had both of our domain controllers listed as LDAP servers in our instance of Jamf Pro but recently consolidated them in Jamf Pro to our single reachable domain. I would've thought that this would've fixed the issue since the login should only be attempted once per listed LDAP server, but nonetheless Jamf Pro is causing my account to be locked after three login attempts instead of the normal five. We also attempted to use Single Sign-On for awhile, but ran into unrelated issues with that and disabled it shortly thereafter. Does anyone have any other pointers?
