Crowd/Microsoft AD: User entering incorrect password in Jira causes account to be locked in AD

Hi,

We have recently moved from using an Internal Crowd Directory to using a Microsoft AD connector for all of our Atlassian users.

I've just had a report of a user who changed thier password in AD and then tried to login to JIRA with the new password. This failed (I guess it hadn't syncronised yet). I performed a full syncronisation with "incremental sync" disabled. The user reported that thier AD account was locked, but after being unlocked in AD they could log into Jira.

Can failed password entries in Crowd/JIRA etc cause an AD account to be locked when syncronisation occurs?

And are password updates not included in incremental syncs?

I have left "incremental sync" disabled for now. Would password changes be reflected quicker in the Atlassian applications if I disabled the Cache in Crowd as well? We have about 1800 users.

Thanks,

Ben