What is Call2Unlock?
Call2Unlock is the first LDAP self-service solution which works towards a simple phone call.
A big percentage of calls that a service desk or IT support departments receive, are related to unlock or reset user accounts. One self-service LDAP system, make this task possible, without the intervention of a human.
Typically, the products which solve this issue, have some disadvantages like the necessity to install software on the PCs, or sometimes exposing and compromising the security using web tools or mobile applications available from the internet.
Users of Call2Unlock just need to dial an internal extension on the company’s PBX, or a public DID, and following some instructions, the user account will be securely unlocked, or reseated.
In order to implement Call2Unlock for your organization, you just need:
- Microsoft Active Directory (Windows 2003 or higher) as directory server.
- Any PBX system compatible with SIP protocol. (Otherwise Call2Unlock Cloud Secure Phone Gateway could be provided).
How Call2Unlock work from the end user perspective?
Situation1: “My name is Bob Smith, and I work for in financial department, and my account usually gets locked out, because I fail several times typing my password, and I need to be unlocked a.s.a.p. I typically work in my office, within the company’s network”
Bob should follow the following steps.
- Dial the internal Call2Unlcok extension provided by the administrator, one friendly IVR will ask for a personal identification number. (like an employee number or badge number)
- The system will ask Bob, what action does he need to perform (Unlock or Reset his account)
- Once Bob, press option 1 (unlock account), the system will find Bob’s account and will play the message “The account that you are trying to unlock is ‘Bob Smith, If this is the account you are trying to unlock, please press 1, otherwise press 0 or hung up the call”. Then it will ask Bob for a PIN number to confirm the action.
- Once the system gets the option key (1), and the PIN number, the system will say “Your account has been successfully unlocked”, and immediately, the user will be able to login into the network.
PS. The identification number and the 4 digits PIN confirmation code, are both Account attributes, that needs to be defined in the Active Directory.
Situation2: “Bob is locked and he is working from home, trying to connect to the company’s VPN, which unfortunately uses the Active Directory for authentication”
Bob will be able to unlock his account using the same options than the Situation 1. The only difference is, that now he is going to dial a public DID number configured on the company’s PBX, His personal user’s telephone number has been included previously in a “white list” for allowed personal phones to use Call2Unlock
