Business Problem
A user account in Active Directory is locked if a user incorrectly types the password several times in a row.
The threshold value for the number of attempts to enter the wrong password and the account locking time is defined in the Default Domain Policy in the GPO section
Computer Configuration > Windows Settings > Security Settings > Account Policy > Account Lockout Policy.
The user calls the IT Helpdesk/Service desk that his user-id got locked and he is not able to log in.
The Helpdesk engineer manually creates a case/ issue and assigns it to the service desk/ AD team. The domain administrator can unlock the user account manually using the Active Directory Users and Computers console. He has to find AD user object, open the properties, go to the Account tab, and check “Unlock account and press OK.
Automated Solution
Vyom Labs brings in the Automation to lock/unlock AD user as a self-service task and within minutes through BMC Helix- AD Automation use case.
Users can use his colleague’s workstation to send a request to the AutomationEdge engine by answering security questions. AutomationEdge engine then verifies the user response, unlocks the account in AD and sends an email/SMS to the user.
Visit the following short video on BMC Helix-AD Password Reset Automation –