Yesterday I posted a question about whether the account lockout policy should be enabled or not in a domain environment. What I found is that when an account policy is enabled, especially in a domain environment, any user can use this policy to launch a Denial of Service (DoS) attack by using a script and launching it against any particular user, so that particular user will be locked out.
But this is not what I want. So what I want to ask is: is it possible to disable a user account if he commits an access right violation on a particular folder in a domain environment?
I have implemented access rights on our shared folder on a role basis, following the need-to-know and least-privilege principles. I have also deployed GFI Event manager for monitoring in case a user tries to take ownership of that folder or tries to access an unauthorized folder. In any such event I get an email alert about the user who tried to access that folder: his name, domain and folder name.
OK, but now what to do when a user has tried to access an unauthorized folder? Is there any way that I can configure such a policy in the DC settings so that in case of any such event, say user "Bob" has three or four consecutive failures on that folder, the user account is locked out?