Prevent users from being locked out of their accounts
You can configure
BlackBerry Enterprise Identityto prevent users, such as
Active Directoryusers, from being locked out of their account because of too many failed
BlackBerry Enterprise Identitysign-in attempts. This feature is disabled by default.
If you set the
BlackBerry Enterprise Identitylock out threshold lower (for example, one less) than the
Active Directorylockout threshold, your organization's users will be locked out of
BlackBerry Enterprise Identitybefore being locked out of
- In theBlackBerry UEMmanagement console, on the menu bar, clickApps.
- ClickAdd an app.
- ClickEnterprise Identity. A message appears asking you to synchronizeEnterprise Identityservices.
- ClickOpen Enterprise Identity console. The administrator console opens in a new browser tab. If the console does not open, ensure that you have enabled pop-ups in your browser.
- In theAccount Lockout Settingssection, turn onEnable Account Lockout.
- Set the following options:
- Login attempt threshold: Sets the number of failed attempts before the account is temporarily locked out.
- Login duration (minutes): Sets the number of minutes that an account will be locked out for. When this timer has been exceeded, the account should be unlocked for the next sign in attempt.
- Reset duration (minutes): Sets the number of minutes that must elapse after a failed log in attempt before the failed log in attempt counter is reset to 0.