1 of 1 people found this helpful
Once upon a time I knew a little about AD - now...not so much. That being said - would a Read-Only domain controller in the DMZ do the trick? If it's read-only, I'm not sure any RODC/DMZ initiated lockouts would be replicated BACK to the R/W DCs inside your firewall....that would do the trick..
Just a shot in the dark.
Thanks for the reply Christopher. Our initial research shows that having a Read Only instance would still allow a potential lockout. I will pass this reply along to the team though.