AD Users are not able to login to DLP Enforce Console
search cancel

AD Users are not able to login to DLP Enforce Console

book

Article ID: 263311

calendar_today

Updated On:

Products

Data Loss Prevention

Issue/Introduction

When configuration on DLP Enforce is with AD-controlled users, all the password control options are from AD (no password resets in Enforce as it is synced with AD and passwords set in AD).

Is there an option to unlock users in Enforce console that were locked out of Enforce console login?

Environment

Release : 15.8.x

Cause

Option: Account Disabled is selected detail below from 15.8 Help Center guide page 361:

Instructions: Select this option to lock the user out of the Enforce Server administration console. This option disables access for the user account regardless of which authentication mechanism you use. For security, after a certain number of consecutive failed logon attempts, the system automatically disables the account and locks out the user. In this case the Account Disabled option is checked. To reinstate the user account and allow the user to log on to the system, clear this option by unchecking it.

Resolution

To unlock user account that is locked using following option in DLP Enforce console:

1) Login to Enforce Web Console as Administrator (or admin user).

2) Navigate to System>Login Management>DLP Users.

3) Select Users account you want to unlock.

4) Uncheck box for "Account Disabled"

5) Save.

Additional Information

15.8 Help Center Guide:

https://techdocs.broadcom.com/content/dam/broadcom/techdocs/us/en/pdf/symantec-security-software/information-security/data-loss-prevention/Symantec-Data-Loss-Prevention-Help-Center_15.8.pdf