We've got an ADFS v.4 farm with SQL backend and ExtranetLockoutMode = 'ADFSSmartLockoutEnforce'
The feature seems to be working and we can successfully query for ESL activity via cmdlet Get-ADFSAccountActivity.
We're interested to get ESL data based on other criteria besides per UPN. For example, query all users with with X number of 'badpwdCountUnknown'. Perhaps this data is available in the Azure portal, but we've yet to locate it so thought we might have some luck querying the [ArtifactStore].[AccountActivity] table.
However, we are surprised to discover that we cannot locate this table, even when connecting to the SQL instance using the service account for which we had originally granted permission to create this table! We've tried to view via the table via both SSMS and shell - essentially getting back "Invalid object name 'ArtifactStore.AccountActivity.'" from database [AdfsArtifactStore].
Therefore:
Can this data be had from the portal?
Where else could the present data be returning [via the cmdlet] if not from an AccountActivity table??
Are there any plans to expand the cmdlet's ability to gather info besides on a per UPN basis?
Thanks for your time!
DaveC
