cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1586
Views
5
Helpful
10
Replies

Uccx script to lock/unlock account in AD

Vinod.s
Level 3
Level 3

Hello All,

 

I am looking for script  using which caller can check status of account in AD and if account is locked then he can able to unlock using the same.

 

You can share your idea as well to achive this.

1 Accepted Solution

Accepted Solutions

Below, video with the direct implementation. If you are interested drop me an email at info@gaman-gt.com or send me priv message.

Marek
Web: https://gaman-gt.com

View solution in original post

10 Replies 10

Vinod.s
Level 3
Level 3

Any 1 here ?

A customer paid for 2 days work as a proof of concept to unlock and reset the password on an AD account.

I wrote some code using Visual Studio that ran on the IIS server to make the interface into AD. This was accessed from the CCX script using a http access to the IIS.

To validate the user, they entered their employee number and their date of birth.

Although it worked the customer did not implement the solution.

Graham

Hi graham,

 

I want to try this solution, can you share this with me ?

@Vinod.s, I think that you have 2 general options:

  • Proxy mode - you can use a middleware suggested by @Graham Old - web server - this way you can create a code in any language you want. It will also be more universal and can be used for UCCX and UCCE/PCCE. The main disadvantage of this approach is that you need to have external resources to deploy the middleware (it can not reside on the UCCX server).
  • Direct mode - in this case, the IVR script will be responsible for integration with AD. To deploy it you will need to create a java function (which can be found on the internet) that you can call using the Set Variable element. In this case, the code will only work for UCCX but no external resources are needed. There also may be a need to deploy a custom created JAR library. That being said, for future platform upgrades, you need to remember that the code and dependency libraries need to check for the new versions (Java is changing very quickly and there can be reverse compatibility problems).

Once you select the deployment model, you will also need to take into consideration the security aspects like:

  • should all users be able to unlock their accounts?
  • if user is allowed to do it - how to verify his identity?
  • should this operation be protected by a password?
Marek
Web: https://gaman-gt.com

Hello marek,

 

I want to try this direct mode, you have any document or video to implement this ?

Below, video with the direct implementation. If you are interested drop me an email at info@gaman-gt.com or send me priv message.

Marek
Web: https://gaman-gt.com

ok

The proof of concept showed it could be done but ultimately security concerns stopped further work. The employee ID and date of birth was not considered secure and they could not find a way to securely validate the caller.

There was also a SQL table that provide an audit trail.

I think the security is the problem that needs solving, how do you identify and authenticate the caller.

Graham

Hi Graham,

 

That's the problem of all MNC company. Technical team is intrested for any feature but just because of budject concern or security reason management cancel there proposal.

Every1 needs secure and cost effective solution. 

Hi Graham, 

actually, It's interesting topic! can we use sms gateway to get a OPT verification code? do you have an idea how to do this integration and build a script to achieve this feature?

your support is highly appreciated 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: