Prevent users from being locked out of their accounts
You can configure
BlackBerry Enterprise Identity
to prevent users, such as Active
Directory
users, from being locked out of their account because of too many failed BlackBerry Enterprise Identity
sign-in attempts. This feature is disabled by default.
If you set the
BlackBerry Enterprise Identity
lock out threshold lower (for example, one less) than the Active
Directory
lockout threshold, your organization's users will be locked out of BlackBerry Enterprise Identity
before being locked out of Active
Directory
.- In theBlackBerry UEMmanagement console, on the menu bar, clickApps.
- ClickAdd an app.
- ClickEnterprise Identity.
- ClickOpen Enterprise Identity console. The administrator console opens in a new browser tab. If the console does not open, ensure that you have enabled pop-ups in your browser.
- On theSettingspage, clickLockout.
- Turn onEnable account lockout.
- Set the following options:
- Login attempt threshold: Sets the number of failed attempts before the account is temporarily locked out.
- Login duration (minutes): Sets the number of minutes that an account will be locked out for. When this timer has been exceeded, the account should be unlocked for the next sign in attempt.
- Reset duration (minutes): Sets the number of minutes that must elapse after a failed log in attempt before the failed log in attempt counter is reset to 0.
- ClickSave.