Solved: Re: CTIOS Login - IPCC Error [10156]

brian1mcc · ‎10-07-2010

Hi,

Customer recently upgraded to ICM/CTIOS 7.5.9. Since then some agents are intermittently seeing the following error message when logging on.

" IPCC Error [10156]Login denied because agent exceeded unsuccessful login attempts. "

I haven't seen this before, and this error isn't listed in the IPCC error codes document http://www.cisco.com/en/US/products/sw/custcosw/ps1844/products_tech_note09186a00800e1524.shtml

Anyone have any ideas what could be causing this? Is there a new limit on unsuccessful login attempts in icm 7.5 ... if so, can we change the number of attempts allowed?

Thanks,

Brian

geoff · ‎10-07-2010

Yes, it is new - added to 7.5. You can change it in the CTIOS registry.

Regards,

Geoff

View solution in original post

david.macias · ‎10-07-2010

HKLM\SOFTWARE\Cisco Systems, Inc.\\ICM\\PG(n)[A/B]\PG\CurrentVersion\PIMS\pim(n)\EAGENTData\Dynamic

david

Blog

View solution in original post

dehebert · ‎10-07-2010

Brian,

Here is some additional information on these keys:

AccountLockoutDuration - Determines the number of minutes an agent account remains locked out before automatically becoming unlocked. Default is 15.

AccountLockoutResetCountDuration - The number of minutes that must elapse after a failed logon attempt before the failed logon attempt counter is reset to 0 bad logon attempts. The default settings is 15.

AccountLockoutThreshold - The number of failed logon attempts that causes an agent account to be locked out. A locked out account cannot be used until the AccountLockoutDuration has expired. The default settings is 3. Setting the value of this key to 0 disables the entire feature.

It is descibed in the scurity and best practices guide:

http://www9.cisco.com/en/US/docs/voice_ip_comm/cust_contact/contact_center/icm_enterprise/icm_enterprise_7_5/reference/guide/icm7xsecurty.pdf

Page 139.

Hope this helps,
D

View solution in original post

geoff · ‎10-07-2010

Yes, it is new - added to 7.5. You can change it in the CTIOS registry.

Regards,

Geoff

brian1mcc · ‎10-07-2010

Thanks Geoff, I had a look at the system managers guide, and the registry itself .. can't see any reference to it.

Do you happen to know which reg key it is?

Thanks,

Brian

david.macias · ‎10-07-2010

HKLM\SOFTWARE\Cisco Systems, Inc.\\ICM\\PG(n)[A/B]\PG\CurrentVersion\PIMS\pim(n)\EAGENTData\Dynamic

david

Blog

geoff · ‎10-07-2010

Do you happen to know which reg key it is?

I don't, but David does.

Regards,

Geoff

dehebert · ‎10-07-2010

Brian,

Here is some additional information on these keys:

AccountLockoutDuration - Determines the number of minutes an agent account remains locked out before automatically becoming unlocked. Default is 15.

AccountLockoutResetCountDuration - The number of minutes that must elapse after a failed logon attempt before the failed logon attempt counter is reset to 0 bad logon attempts. The default settings is 15.

AccountLockoutThreshold - The number of failed logon attempts that causes an agent account to be locked out. A locked out account cannot be used until the AccountLockoutDuration has expired. The default settings is 3. Setting the value of this key to 0 disables the entire feature.

It is descibed in the scurity and best practices guide:

http://www9.cisco.com/en/US/docs/voice_ip_comm/cust_contact/contact_center/icm_enterprise/icm_enterprise_7_5/reference/guide/icm7xsecurty.pdf

Page 139.

Hope this helps,
D

brian1mcc · ‎10-07-2010

Thanks Geoff, David and D! Helpful as always!

Brian

Ellen McFarland · ‎10-08-2018

The easy fix was to remove the device from Call Manager and UCCE and add as a different agent ID.