We've seen an interesting situation in the past few weeks where two specific user IDs seem to attempt thousands of logins with denied access to multiple organizations within our vCD instance. You can see this by looking at the event logs in each organization. The interesting part to me is that I can disable/delete the user and the attempted logins continue. This is a very bizarre behavior, I am curious to see if anyone has run into this or had some thoughts about potential other test scenarios.
↧