We wanted to set a simple timeout and max authentication attempts on the netscaler before an end user locked out their Active Directory account (given that LDAP auth was the Primary authentication method this also means that a brute force style password attempt would be stopped at the netscaler and never hit the inside LDAP servers)
Configure it like so on your Netscaler Gateway Virtual Server, obviously configure these settings to be less than the AD lockout settings
Failed Login Timeout (in mins)
Max Login Attempts
Error Message the End User will receive in their web browser after they reach the max login attempt limit
Do you know of a way to modify the message the user receives?
No sorry, had a quick look but was unable to find the text in any of the resource files. If I track it down, Ill let you know!
a simple rewriting policy could do it. Maybe you could try to go with this: pimping up websites with rewriting policies