Jump to content

Unexpected 'Suspended' status


Steve Giller
 Share

Recommended Posts

When I arrived at work today I was told we'd had a small period of difficulty connecting for some staff (full users) - I suspect, from talking to my team, that all that was required was a browser refresh so that's not an issue.

However, after that I had one member of staff who found themselves set to 'Suspended' and could not sign in.
As far as I can ascertain no-one had made this change manually, and we are not maxing out on licenses; is there a reason that this might have happened that I can look out for and hopefully prevent, or would it just be a glitch that is unlikely to happen again?

I normally associated account suspensions with failed logins; but we use SSO so it wasn't a mistyped password.

Link to comment
Share on other sites

Hi @DeadMeatGF

My first thought would have been suspended due to failed logins.  I'm not aware of anything else that would change this automatically.  I'm afraid don't know enough about SAML to know if something can occur between the identity provider and Hornbill that would cause this while you were having this period of difficulty connecting.

I will make sure that the team are aware to see if they can provide any further feedback.

Regards,

James

Link to comment
Share on other sites

@DeadMeatGF there are system settings dictating user lockouts following multiple failed logins. These are the default values:

image.png

It does not matter if SSO or Hornbill login, if the login procedure fails the number of times configured in "failedLoginAttempts" (for whatever reason) the user is suspended...

Link to comment
Share on other sites

I'm mainly intrigued by the mechanism that led to it - we had a number of users accessing the system at the time, but only one ended up suspended.
If I can establish what triggered that setting I can either address the individual or the system as appropriate.
For example, if it turns out that he got a pop-up asking him to refresh the browser (as a colleague in my office did) and he ignored it, and it turns out that was the cause I can address the user; if the system will always send multiple logon requests in this instance I can address that instead, either by increasing the threshold or by reducing the lockout duration as appropriate.

Link to comment
Share on other sites

@DeadMeatGF in each instance multiple services are running, the issue was caused by one of these services... so most likely the service responsible for logins was working but the one that returns data to this service was not... in effect, it meant that the login was failing purely because the service returning data was down.... nothing on your side... I am saying this because I don't think is anything you need to address, anything you can do... it was an unfortunate circumstance... 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...