Professional Documents
Culture Documents
In many cases, end users are experimenting account lockout issues due wrong passwords tentative from
Purpose their mobile devices, nestle wireless access or any other 3rd party device that requires a password.
WHY
This standard routine is to guide the involved teams to troubleshoot and fix the mentioned issue.
Supported measure NA
Start Point Client Team receives a ticket for persistent locked account issue.
WHAT
End Point Client Team closes the ticket with account lockout issue solved.
The involved support people should have the understanding and working knowledge about the Nestlé’s
Pre Requisite
infrastructure.
Audience Platform Team Members, Client Team, Field Services, and Network Team.
WHO
Flow Input / Task / output Visuals, links & comments Help Chain
Input : NA
Request from Market via RM, phone,
e-mail
Task Description :
Client Team or Field Services
1 receives the ticket for persistent
locked account issue.
Output :
Client Team or Field Services
contacts the affected end user.
Who :
Client Team or Field Services member .
Input : NA
Contact the user in order to verify if
he/she has a 3rd party device.
Task Description :
Contacts the user and verify if he/she
2 has a 3rd party Device (tablet,
Smartphone)
Output :
User contacted.
Who :
Client Team or Field Services member.
Task Description :
Needs to ask the user if he/she has a
third party device (tablet,
Smartphone) with Nestle e-mail set
3
Output :
If NO, needs to verify all registered
passwords and applications on user
workstation and close the ticket.
Who :
Client Team or Field Services member.
Input :
Update the password on mobile
device.
Wait 1 hour to check if the
Task Description : problem persists.
Update password for both email
4 account and wireless profile access
(NMD, Nestle Network wireless
profiles).
Output :
Password updated on mobile device.
Who :
Client Team or Field Services member.
Who :
Client Team or Field Services member
Input : Client Team or Field Services member Client Team must inform which
Add DIR SERVICES_WIPRO in open the command prompt from affected domain controller the user is
collaboration and provides which end user workstation, type the command
logged on in order to guide
domain controller the user is logged “set logon” and report the output in the
on. ticket: where DIR SERVICES_WIPRO
member will start the
6 Task Description : set logon troubleshooting.
Add DIR SERVICES_WIPRO to LOGONSERVER=\\BRSAPB0008
verify
On example above the output is
Output :
“BRSAPB0008”.
Add DIR SERVICES_WIPRO in
collaboration and provide set logon
command output in the ticket update.
Who :
Client Team or Field Services member
Output :
Determine what is the source system
that is sending wrong password
attempts to the Domain Controller
Who :
DIR SERVICES_WIPRO
Output :
Who :
DIR SERVICES_WIPRO
Input :
DIR SERVICES_WIPRO reports to Once application identified, the
Client Team or Field Services to ticket is assigned to the related
validate if the locks come from any Team. Step 10
9 application or local Windows service.
Case Client Team or Field
Task Description : Services fix the issue in the local
Client Team or Field Services looks workstation, the ticket is closed.
for any application the locks are
coming from, and assign to the
proper team.
Output:
Issued application or local Windows
service identified.
Who :
Client Team or Field Services
Input :
The team responsible for the Once lockouts reason is
application that generates the
Output:
Application password are validate
and fixed
Who :
Issued Application Team
Once the source and IP address
Input : found, the ticket must be
Source name found = “CISCO” The IP address can be checked using
updated and Network Team
Network Monitor tool. The steps to set
needs to be added in
11 Task Description : Network Monitor are described on
document Appendix collaboration on it.
Provide the IP address of Cisco
device that the user authentication is
passing through and add Network
Team (NETWORK LAN_ALPHA) in
collaboration.
Output :
CISCO IP addres and Network Team
added in collaboration;
Who :
DIR SERVICES_WIPRO
Output :
Who :
NETWORK LAN_ALPHA.
Input : NA
Get the mac address and model of
13 device that is sending wrong
password attempts to the CISCO
device.
Task Description :
Client Team or Field Services
contacts the user reporting the
device model and requests this
device to set the correct password on
it.
Output :
User contacted again and device
identified.
Who :
Client Team or Field Services
member.
Input : NA
User contacted and informed that the
reported device is the root of the
issue.
14 Task Description :
Once Network team provides the
device type, client team contacts the
user in loco, in order to type the
updated Nestle Active Directory
domain password on the device.
Output :
If device identified, update the
password on it and proceed with
ticket closure.
Who :
Client Team or Field Services
member.
Input : The steps block the mac address are
Client Team or Field Services asks described on document Appendix.
Task Description :
Output :
Device blocked in the access point
Who :
NETWORK LAN_ALPHA
16 Input :
If still not able to find the source, have to
go with this step.
AD team to fetch the bad passwords
triggered for the account from
LOCKOUT TOOL.
Task Description :
Check the lockout status of the
affected user account using account
lock tool in PDC server to know the
last lockout meta information.
Output :
Logs can be fetched.
And need to analyse with the logs
further to find the source.
Who :
DIR SERVICES_WIPRO
Input : NA
Issue solved.
Task Description :
17 Once issue solved, ticket can be
closed.
Output :
Ticket closed.
Who :
Client Team or Field Services
Member, or Network Team Member.
Appendix
Account lockouts in Active Directory environment
Account lockout is a feature of password security in Acive Directoy that disables a user account when five tentatives of
failed logons occur due to wrong passwords within a certain interval of time. The purpose behind of account lockout is to
prevent attackers from brute-force attempts to guess a user's password.
But, in many cases, end users are experimenting account lockout issues due wrong passwords tentatives from their mobile
devices, nestle wireless access or any other 3rd party device that requires a password.
This standard routine is to guide the involved teams to troubleshoot and fix the mentioned issue.