Showing results for 
Search instead for 
Did you mean: 

Uccx script to lock/unlock account in AD

Hello All,


I am looking for script  using which caller can check status of account in AD and if account is locked then he can able to unlock using the same.


You can share your idea as well to achive this.


Accepted Solutions

Below, video with the direct implementation. If you are interested drop me an email at or send me priv message.


View solution in original post


Any 1 here ?

A customer paid for 2 days work as a proof of concept to unlock and reset the password on an AD account.

I wrote some code using Visual Studio that ran on the IIS server to make the interface into AD. This was accessed from the CCX script using a http access to the IIS.

To validate the user, they entered their employee number and their date of birth.

Although it worked the customer did not implement the solution.


Hi graham,


I want to try this solution, can you share this with me ?

@Vinod.s, I think that you have 2 general options:

  • Proxy mode - you can use a middleware suggested by @Graham Old - web server - this way you can create a code in any language you want. It will also be more universal and can be used for UCCX and UCCE/PCCE. The main disadvantage of this approach is that you need to have external resources to deploy the middleware (it can not reside on the UCCX server).
  • Direct mode - in this case, the IVR script will be responsible for integration with AD. To deploy it you will need to create a java function (which can be found on the internet) that you can call using the Set Variable element. In this case, the code will only work for UCCX but no external resources are needed. There also may be a need to deploy a custom created JAR library. That being said, for future platform upgrades, you need to remember that the code and dependency libraries need to check for the new versions (Java is changing very quickly and there can be reverse compatibility problems).

Once you select the deployment model, you will also need to take into consideration the security aspects like:

  • should all users be able to unlock their accounts?
  • if user is allowed to do it - how to verify his identity?
  • should this operation be protected by a password?

Hello marek,


I want to try this direct mode, you have any document or video to implement this ?

Below, video with the direct implementation. If you are interested drop me an email at or send me priv message.



The proof of concept showed it could be done but ultimately security concerns stopped further work. The employee ID and date of birth was not considered secure and they could not find a way to securely validate the caller.

There was also a SQL table that provide an audit trail.

I think the security is the problem that needs solving, how do you identify and authenticate the caller.


Hi Graham,


That's the problem of all MNC company. Technical team is intrested for any feature but just because of budject concern or security reason management cancel there proposal.

Every1 needs secure and cost effective solution.