In the past, we used to have a GPO for our laptops/desktops so that when someone entered the wrong password to log in to their domain-joined computer, after 5 failed attempts it would lock their account for 30 mins.
But how do we do this for our AAD-joined computers?
We just recently moved to Intune, and when users log in to their computer, it is locally authenticated by their computer. Ideally, we would want the same experience as well, so that when the user enters the wrong password 5 times, it will lock their account for 30 mins.
In Intune, go to Configuration Profiles.
1. Create a new profile
2. Select Settings Catalog
3. Click on Add Setting and search for "Device Lock"
4. Click open Device Lock and activate "Enable Device Password"
Here you can find the settings to lock a device or user.
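
To check what the device itself reports once the profile has synced, the local lockout values can be compared with the 5 attempts / 30 minutes asked for in the question. This is an added example, not part of the original posts; it assumes English-language `net accounts` output, and the function names are hypothetical.

```powershell
# Added example: compare the local lockout policy with the values from the question.
# Assumes English-language `net accounts` output; function names are hypothetical.
function ConvertFrom-NetAccounts {
    param([string[]]$Lines)
    $policy = @{}
    foreach ($line in $Lines) {
        # Lines look like "Lockout threshold:     5"
        if ($line -match '^\s*(?<name>[^:]+):\s*(?<value>.+?)\s*$') {
            $policy[$Matches['name'].Trim()] = $Matches['value']
        }
    }
    return $policy
}

function Test-LockoutPolicy {
    param([hashtable]$Policy, [int]$Threshold = 5, [int]$DurationMinutes = 30)
    $checks = [ordered]@{
        'Lockout threshold'          = $Threshold
        'Lockout duration (minutes)' = $DurationMinutes
    }
    foreach ($name in $checks.Keys) {
        $actual = $Policy[$name]
        # "Never" (lockout disabled) or a missing line counts as a mismatch.
        $ok = ($actual -match '^\d+$') -and ([int]$actual -eq $checks[$name])
        [pscustomobject]@{
            Setting   = $name
            Expected  = $checks[$name]
            Actual    = $actual
            Compliant = $ok
        }
    }
}

# Constructed sample output, so the script also runs away from the device.
$sample = @(
    'Lockout threshold:                                    Never'
    'Lockout duration (minutes):                           30'
    'Lockout observation window (minutes):                 30'
)
Test-LockoutPolicy -Policy (ConvertFrom-NetAccounts -Lines $sample) | Format-Table

# On the AAD-joined device itself, after the profile has synced:
# Test-LockoutPolicy -Policy (ConvertFrom-NetAccounts -Lines (net accounts)) | Format-Table
```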