Previous Topic: New User Passwords are Rejected

Next Topic: User Accounts are Prematurely Disabled

User Accounts are Mistakenly Disabled

Symptom:

Users accounts that have not exceeded the number of permitted failed login attempts are becoming disabled.

Solution:

Check the incorrect password settings. The setting for disabling an account after a specific number of consecutive incorrect password attempts may be too low.

Setting this value too low causes a problem when two or more users, which are located in different user directories, have the same user name. When the Policy Server attempts to authorize a user, it checks all user names that correspond to the login and then attempts to match the password. If the Policy Server finds a user name that the password does not match, it records a failed attempt for that user. If this happens more than the number of times specified by the in the incorrect password settings, the account is disabled.


Copyright © 2010 CA. All rights reserved. Email CA about this topic