On-Premise AD account lockout in PHS

adam900331 361 Reputation points
2022-04-08T06:57:44.3+00:00

Hi!

I have an on-premise AD with many users. I have an M365 subscription and use hybrid identity with PHS. How is account lockout handled in hybrid? If users are locked out in on-premise AD after failed logins, will that sync to Azure AD? What happens when users are locked out in Azure AD? Will it impact on-premise AD login? How does it work in this scenario? Is the lockout policy different in Azure AD than in the on-premise AD?

Thanks.


1 answer

  1. Siva-kumar-selvaraj 15,551 Reputation points
    2022-04-12T21:35:26.353+00:00

    Hello @adam900331 ,

    Thanks for reaching out and apologies for the delayed response.

    Yes, the lockout policy is different in Azure AD than in the on-premises AD. By default, smart lockout locks accounts that are created and managed directly in Azure AD (for example, password hash synchronized users) from sign-in attempts for one minute after 10 failed attempts for Azure Public and Azure China 21Vianet tenants, and after 3 for Azure US Government tenants.

    Similarly, if users are locked out of their synchronized accounts through AAD smart lockout, this has no effect on their on-premises accounts.

    For instance, if users are locked out of on-premises AD due to failed login attempts, their synchronized (PHS) accounts continue to sign in if the user enters valid credentials; but if the user attempts to sign in to Azure AD with an incorrect password, the user's account will be locked out by AAD's smart lockout feature.

    To learn more, refer to how to protect user accounts from attacks with Azure Active Directory smart lockout. Hope this helps.

    -----
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.
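The independence of the two lockouts described in the answer can be checked from logs. The following is an added example, not part of the original answer: it correlates Azure AD sign-in records (error 50053 is smart lockout, 50126 is a bad password) with on-premises Security event 4740 (account locked out). The sample records are constructed, `contoso.example` is a placeholder, and matching the UPN prefix to `TargetUserName` is an assumption.

```python
from datetime import datetime

SMART_LOCKOUT = 50053  # AADSTS50053: account locked by Azure AD smart lockout
BAD_PASSWORD = 50126   # AADSTS50126: invalid username or password
AD_LOCKED_OUT = 4740   # on-premises Security log: user account locked out

def ts(minute):
    return f"2022-04-12T09:{minute:02d}:00+00:00"

def signin(upn, minute, code):
    # Subset of the fields a cloud sign-in record carries (constructed).
    return {"userPrincipalName": upn, "createdDateTime": ts(minute),
            "status": {"errorCode": code}}

# Constructed sample data: alice fails 10 times in the cloud and is then
# locked there; bob is locked on-premises and later signs in to the cloud.
CLOUD_SIGNINS = (
    [signin("alice@contoso.example", m, BAD_PASSWORD) for m in range(10)]
    + [signin("alice@contoso.example", 10, SMART_LOCKOUT),
       signin("bob@contoso.example", 30, 0)]  # errorCode 0 = success
)
ONPREM_EVENTS = [{"EventID": AD_LOCKED_OUT, "TargetUserName": "bob",
                  "TimeCreated": ts(20)}]

def lockout_report(signins, events):
    """Per user: which directory locked the account, and whether a cloud
    sign-in still succeeded after an on-premises lockout."""
    report = {}
    def row(user):
        return report.setdefault(user.lower(), {
            "onprem_locked_at": None, "cloud_bad_passwords": 0,
            "cloud_locked": False, "cloud_ok_after_onprem_lock": False})
    for ev in events:
        if ev["EventID"] == AD_LOCKED_OUT:
            row(ev["TargetUserName"])["onprem_locked_at"] = \
                datetime.fromisoformat(ev["TimeCreated"])
    for s in sorted(signins, key=lambda s: s["createdDateTime"]):
        r = row(s["userPrincipalName"].split("@")[0])  # assumption: prefix = sAMAccountName
        code = s["status"]["errorCode"]
        when = datetime.fromisoformat(s["createdDateTime"])
        if code == BAD_PASSWORD:
            r["cloud_bad_passwords"] += 1
        elif code == SMART_LOCKOUT:
            r["cloud_locked"] = True
        elif code == 0 and r["onprem_locked_at"] and when > r["onprem_locked_at"]:
            r["cloud_ok_after_onprem_lock"] = True
    return report

if __name__ == "__main__":
    for user, r in lockout_report(CLOUD_SIGNINS, ONPREM_EVENTS).items():
        print(user, r)
```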