Cisco Jabber v 11.7.1 Service Account Lockout Issue

ako5ta · ‎10-23-2018

Hi,

I am currently experiencing intermittent issues with Cisco Jabber, the scenario is as follows:

MS Active Directory Auth

Cisco Jabber clients v11.7.1

Lockout policy set to 10 incorrect logon attempts for users

The issue is that the 'service account' is locking out not the actual users.

I have tested entering user credentials manually incorrectly 10 times and it only locks the user not the service account. Something is causing the service account to lockout rendering the entire service to an outage.

I am able to locate the security log file from the domain controller to pin point the Source Network Address that caused the service account to lockout, this is an IP address which I then trace back to a PC and a specific user.

My current workaround is to get the user to logout of Cisco Jabber and reset their Cisco Jabber Client and then the service operates as normal. Until it happens again, it has been occurring 2-3 times a week.

Any assistance with this issue would be greatly appreciated.

Regards

Jonathan Schulenberg · ‎10-27-2018

In my opinion, the best approach here is to stop using a shared account for BDI/EDI. This is actually a mandatory change in Jabber 11.8 since this was causing Jabber to fail various security audits - the service account password was easily accessible. In current versions (aka the CDI replacement of ESI/BDI) Jabber either reuses the login credentials supplied by the user at login to Jabber; or, mandates the user enter credentials manually in Jabber Preferences.
https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/jabber/12_0/cjab_b_planning-guide-for-cisco-jabber-12/cjab_b_planning-guide-for-cisco-jabber-12_chapter_0110.html

https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/jabber/12_0/cjab_b_on-premises-deployment-for-cisco-jabber-12/cjab_b_on-premises-deployment-for-cisco-jabber-12_chapter_0100.html