Configure Unlock Account
At Setup > Login Page Services > Unlock Account, enables users to unlock their Active Directory account. This reduces the number of help desk account unlock tickets and enhances productivity of the user. Users can unlock their Active Directory account from the Microsoft Windows logon screen, or from the Identity Director Web Portal or Mobile client logon page, either via a wizard or via service delivery.
- You can add code validation to unlock accounts. This adds an extra check to authenticate the identity of the user who requests to unlock his account: a verification code is sent to the user e.g. by SMS or e-mail. Users then need to provide this verification code before they can proceed to unlock their account. This ensures that unlocking of accounts occurs as secure as possible.
- Using organizational context, you can define to whom the Verification Code and/or Security Questions apply.
- You can add translations for the labels and messages that appear to end users in the Web Portal.
The availability of this functionality may be subject to the license type used in your environment.
Configuration
General tab
Field |
Explanation and Tips |
---|---|
Unlock account settings |
Specify the availability of the Unlock Account functionality.
|
Unlock link text |
Specify the text of the Unlock Account link. |
People identifier |
Specify the identification method of users when they request to unlock their account. |
Service |
Specify the service that is delivered as part of the Unlock Account . |
User instructions |
Specify instructions when users click the Unlock Account link. |
Status page message |
Specify status information. |
Redirection URL |
Specify a URL of choice after an Unlock Account, rather than the default Web Portal sign-in page. In certain scenarios, for example when users access the Web Portal from a thin client, redirecting them to the default page may not be user-friendly. You can prevent this by specifying a different URL. |
Display the Finish button |
Specify if you want the Finish button to be displayed at the end of the process. By default, this button will take users to the Web Portal login screen. If you do not display the Finish button, no redirection (to the Web Portal login page or the Redirection URL) will occur. |
User input |
Specify if user input is provided through the wizard or through a service workflow. |
Service attribute |
Specify the service attribute that can store the input that the user provides.
|
Authenticator Apps tab
Field |
Explanation and Tips |
---|---|
Enabled |
Enable authenticator applications validation. Enabling this option will allow users to select authenticator apps as their preferred verification method in the Web Portal.
|
Verification Code tab
Select organizational context |
Specify the Organization(s) or Organizational attribute(s) that determine if the Verification Code applies to a user.
|
Organizational context Diagnostics |
After you specify organizational context, the first (max) 100 people that meet the conditions are listed here. |
Generating verification code message |
Specify status information that is displayed to the user about generation of the code. |
Enter verification code message |
Specify user instructions to validate the code.
|
Invalid verification code message |
Specify the message that is displayed to the user if the provided code is incorrect. |
Exceeding maximum number of attempts message |
Specify the message that is displayed to the user when he exceeds the limit. This field is only available if you have selected the option Limit number of attempts. |
Validating verification code message |
Specify status information that is displayed to the user about validation of the code. |
Security Questions tab
Field |
Explanation and Tips |
---|---|
Security questions |
Specify the number of questions in the wizard. If this number exceeds the number of questions and answers stored in a user's Security Questions and Answers attribute (see below), the user will get an error and cannot complete the Unlock Account service. |
Questions attribute |
This field shows the default people attribute Security Questions and Answers that stores the security questions and answers of the wizard. The attribute can be filled using the User Validation Service you specify on the Login Page Services page.
|
Select organizational context |
Specify the Organization(s) or Organizational attribute(s) conditions that determine if the Security Questions apply to a user.
|
Organizational context diagnostics |
After you specify organizational context, the first (max) 100 people that meet the conditions are listed here. |
Translations tab
If you have enabled translations at Setup > Translations, you can add translations for the labels and messages that appear to end users in the Web Portal for Unlock Account.
To add translations:
- Alongside the default language, click to export its RESX to use as the basis of translations for the other supported languages.
The name of this file is unlockaccountsettings.resx. - Save a renamed copy of this file and translate it as required.
- Click to import the RESX for the language.
This ensures that custom labels are translated in the correct language.
Each supported language uses the default language if you do not upload a RESX file.
Click to reapply the default language.
Click to export the RESX of the language to make adjustments to the translation.