Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

end user lockout after 1 failed login

We are running CUCM 6.1.3 and have integrated authentication, using LDAP.

cucm users  and admins are locked out after one failed attemp (i have confirmed this on the AD server).

whereas the lock out policy on the AD server and set to lock out after 3 failed attemps (which is working and enforced when logging onto the domain).

I have checked enterprise parameters in CUCM to see if the lock out policy can be changed, couldnt find anything.

has anyone ever seen this before?

Please remember to rate useful posts, by clicking on the stars below.

3 REPLIES

Re: end user lockout after 1 failed login

You may have a different problem.  CUCM has a user configured to lookup the authentication (user name and password)  If this user has a problem, it will keep failing everyone.

Check the logs first in CUCM and see what the security is saying for the LDAP profile account, and also the user that is failing.

Also, check your Domain controller and see if there are any issues with the format that is coming from CUCM.  If the user name has some odd characters or spaces or the password has unsupport characters, CUCM may not pass the info correctly to LDAP

Re: end user lockout after 1 failed login

actually, the authentication uses a service account called scv_UnifiedCM. and always works when the user password is typed in correctly.

The problem i am describing only related to the AD account lock out after one failed login.

I have done a packet capture on CUCM when simulating a failed login. It turns out that CUCM send the same authentication request to the AD server 3 times, causing it to lock. This would mean that the problem is caused by CUCM.

Please remember to rate useful posts, by clicking on the stars below.

Re: end user lockout after 1 failed login

Now that you mentioned it, I think I have seen this before.  Hunt around the bug report for his.   I recall seeing something like this before.   If there is a chance... Id upgrade to latest 6.14 release.

235
Views
0
Helpful
3
Replies
CreatePlease login to create content