Are there any Group Policy settings that would prevent the SSO FDE pre-boot lockout from clearing?
We have a 5 minute lockout after multiple failed logon attempts but it's not automatically clearing for some people and it doesn't report as locked on the console.
We can logon users with the One Time Password challenge and they can logon to the computer while connected to the domain but the lockout is still present after reboot.
We think one of the GPOs on our domain may be preventing it from clearing properly and I was hoping someone in here had run into the issue before.
Right now our only resort when this occurs is to clear all cached SSO credentials on the workstation and use a local account for the initial logon. The locked accounts then work again after logging on to the domain.