App Control: Admin Users Locked Out of Console after setting Password Expiration without Resetting Passwords
book
Article ID: 288571
calendar_today
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
Password expiration was changed from 0 (does not expire) to a value
Passwords were not reset upon this change
Date the original admin password or other passwords were set is before the expiration period + grace period configured
Unable to access the App Control console with the admin user or any other user this setting was configured for after the user logs out
Environment
App Control server: All supported versions
Cause
If the date the original password was set is before the newly set expiration period + grace period, then the user will be locked out of the console until another administrator resets the password on the console.
Resolution
If the default admin user or another administrator can still access the console, the password can be reset for other users via the console to an agreed-upon temporary password. These options are documented here in the User Guide
If the default admin user or no other administrators can access the console due to being locked out, please contact Carbon Black Support for further assistance.
Additional Information
To avoid this situation, whenever a change is made to a user's password settings on the App Control console, the password should be reset at the same time.