This is the wrong forum, but we need to know the application topology to answer this, but I suspect that the user is only logging to the Application, not LDAP.   Application us using a service account not the user account.

I think this is the right forum:https://social.technet.microsoft.com/Forums/en-US/home?forum=winservermanager

Dear all,

I have a new questions from my customer.

They have some internal websites, when users open homepage need logon via domain\user account. Using LDAP char to connect Active Directory, ex: cn=Users, dc=contoso, dc=com

The GPO of domain will lock account If logon failed 10 times. They tested by logon with wrong password on clients, that is Ok, GPO work fine, the user locked, take 30 minutes to re-login.

But, the user logon when open website's homepage, also logon fail more than 10 times, the user is NOT "lock". Why is that?

I find in Windows Logs on Domain controllers, not found audit event ID (i had enable sussess/fail logon audit)

Many thanks for your support!

HoangTT