Users cannot login to OneClick because their account is locked

Document ID:  TEC1917346
Last Modified Date:  06/14/2017
{{active ? 'Hide' : 'Show'}} Technical Document Details

Products

  • CA Spectrum

Releases

  • CA Spectrum:Release:10.2
  • CA Spectrum:Release:10.0
  • CA Spectrum:Release:10.1
  • CA Spectrum:Release:10.1.1
  • CA Spectrum:Release:10.1.2
  • CA Spectrum:Release:10.2.1
  • CA Spectrum:Release:9.3
  • CA Spectrum:Release:9.4
  • CA Spectrum:Release:9.4.1
  • CA Spectrum:Release:9.4.2
  • CA Spectrum:Release:9.4.2.1
  • CA Spectrum:Release:9.4.3

Components

  • ONECLICK:SPCOCK
  • INTEGRATIONS:SPCINT
Question:

We have OneClick integrated with LDAP for single sign-on authentication. However, after adding several new users to OneClick, I am attempting to login and change their passwords to their actual LDAP passwords. But I am getting the following message returned:

Connect to CA Spectrum OneClick on <hostname.FQDN> 
SPC-OCA-10502: Your account has been locked out.

I have set user up with unlimited login attempts and deleted and recreated users several time, but cannot find a way to unlock their accounts.

How do you unlock an account in Spectrum?

Answer:

Spectrum does not provide any mechanism to lock out a user account after x number of failed attempts. The "Maximum Logins unlimited" setting found in the OneClick User Editor is setting a limit on the maximum number of concurrent OneClick sessions a user can have open at any moment in time, and is not related to the maximum number of unsuccessful authentication attempts.

The message you are seeing is directly related to LDAP, and is informing the user that their LDAP account has been locked out.


In a typical LDAP integration we do not store the user's LDAP password in the Spectrum database. So there is not reason to log into OneClick and change the password to match the LDAP password. The only reason you would want to set the password in OneClick is if you have enabled the "Allow User to Log In if either the LDAP Password is Invalid or the User does not exist in LDAP" or if the LDAP Integration Configuration page on the OneClick Web Server has the "Save LDAP passwords to CA Spectrum database" set to yes.

 if you see that a user account has been locked out, notify the LDAP Admin and have the account unlocked.

Please help us improve!

Will this information enable you to resolve your issue?

Please tell us what we can do better.

{{feedbackText.length ? feedbackText.length : '0'}}/255

{{status}}

Not what you were looking for?

Search Again >

Product Information

Support by Product >

Communities

Join a Community >

Chat with CA

Just give us some brief information and we'll connect you to the right CA ExpertCA sales representative.

Our hours of availability are 8AM - 5PM CST.

All Fields Required

connecting

We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{message.agentProfile.name}} will be helping you today.

    View Profile


  • Transfered to {{message.agentProfile.name}}

    {{message.agentProfile.name}} joined the conversation

    {{message.agentProfile.name}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1].agentProfile.name}} has ended.
    Thank you for your interest in CA.


    Rate Your Chat Experience.

    {{chat.statusMsg}}

agent is typing