I am implementing SSO using ADFS 2.0. I am using Windows Server 2008 R2 Standard. Now, I want to restrict the number of attempts that a user gets to log on to 3. I came across this, which suggested that I set up the following three parameters:
- EnableExtranetLockout
- ExtranetLockoutThreshold
- ExtranetObservationWindow
I referred to this to register and add the ADFS 2.0 snap-in to Windows PowerShell.
However, when I query Get-ADFSProperties, I don't get the three properties I listed above.
Also quite understandably, I get the following error when I execute this command:
Set-AdfsProperties -EnableExtranetLockout $true -ExtranetLockoutThreshold 15 -ExtranetObservationWindow ( new-timespan -Minutes 30 )
Error message is:
Set-ADFSProperties : A parameter cannot be found that matches parameter name 'EnableExtranetLockout'.
At line:1 char:42
Set-AdfsProperties -EnableExtranetLockout <<<< $true -ExtranetLockoutThreshold 15 -ExtranetObservationWindow ( new-timespan -Minutes 30 )
CategoryInfo : InvalidArgument: (:) [Set-ADFSProperties], ParameterBindingException
FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.IdentityServer.PowerShell.Commands.SetServicePropertiesCommand
This error has been mentioned here, but that doesn't apply in my case because the properties aren't getting listed in the first place!
I would appreciate any help or suggestion wrt the same.
Thanks!
You need to upgrade to ADFS 2012 R2. The extranet account lockout feature is not present in any builds prior to that.
Cheers, Rhoderick Blog
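As an added example (not part of the original thread): a PowerShell check, run on the AD FS server, that tests whether Set-AdfsProperties exposes the three lockout parameters before trying to set them. The threshold of 3 is the value the question asks for, the 30-minute window comes from the command in the question, and the property names read back at the end are the ones Get-AdfsProperties reports on builds that have the feature.

```powershell
# Added example: only apply extranet lockout if this AD FS build supports it.
$wanted = 'EnableExtranetLockout', 'ExtranetLockoutThreshold', 'ExtranetObservationWindow'

# AD FS 2.0 ships a snap-in; AD FS on Windows Server 2012 R2 ships the ADFS module.
if (-not (Get-Command Set-AdfsProperties -ErrorAction SilentlyContinue)) {
    if (Get-Module -ListAvailable -Name ADFS) {
        Import-Module ADFS
    } else {
        Add-PSSnapin Microsoft.Adfs.PowerShell -ErrorAction Stop
    }
}

# Inspect the cmdlet's parameter set instead of waiting for a binding error.
$cmd     = Get-Command Set-AdfsProperties -ErrorAction Stop
$missing = @($wanted | Where-Object { -not $cmd.Parameters.ContainsKey($_) })

if ($missing.Count -gt 0) {
    # This is the situation in the question: the parameters do not exist,
    # so no lockout policy can be enforced by AD FS on this build.
    Write-Warning ("Extranet lockout is not available here; missing parameters: " +
                   ($missing -join ', '))
    return
}

# Supported build: enable lockout after 3 bad attempts within 30 minutes.
Set-AdfsProperties -EnableExtranetLockout $true `
                   -ExtranetLockoutThreshold 3 `
                   -ExtranetObservationWindow (New-TimeSpan -Minutes 30)

# Read the settings back to confirm they were stored.
Get-AdfsProperties |
    Select-Object ExtranetLockoutEnabled, ExtranetLockoutThreshold, ExtranetObservationWindow
```

On the ADFS 2.0 server from the question this prints the warning and changes nothing, which matches the answer above.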