If an administrator tries
to sign in to the Finesse administrator console (or diagnostic portal) with the wrong password five times in a row,
Finesse blocks access to that user account for a period up to 30 minutes. For
security reasons, Finesse does not alert the user that their
account is locked. They must wait
30 minutes and try again.
Similarly, if agents or supervisors sign in to the desktop five times in a row with the wrong password, Finesse blocks access to that user account. However, in this case, the lockout period is only 5 minutes. This restriction also applies when agents and supervisors sign in using Finesse IP Phone Agent (IPPA).
When an agent or supervisor account is locked, subsequent attempts to sign in, even with correct credentials, reset the lockout period to 5 minutes again. For example, if a locked user tries to sign in again after only 4 minutes, the lockout period is reset and the user must wait another 5 minutes. This reset does not apply to the administrator account.
To view whether a user account is locked, enter
the following CLI command:
file get activelog desktop recurs
Then extract the zipped output, and search the catalina.out logs
(opt/cisco/desktop/finesse/logs/catalina.out) for the following message referring to the locked username:
An attempt was made to authenticate the locked