• Article for your preferred language does not exist. Below is international version of the article.

Article ID: 116156, created on May 23, 2013, last review on Aug 12, 2014

  • Applies to:
  • Operations Automation


An user cannot log in to their Exchange mailbox using OWA (Outlook Web Access). Customer's administrator reset the user's password in POA Control Panel, however the user is still unable to log in.


Before the user's password was changed, their Active Directory account was locked because of many login attempts with incorrect password. Changing the password does not unlock the AD account.

Another possible reason of problem is that password changing process was not yet completed, see the Knowledgebase article #116049 for resolution.


POA can manage user locking settings in POA and Active Directory if the 'ADLockoutMonitor' package is installed on all Active Directory domain controllers in the Windows hosted environment. Details are available in the POA Provider's Guide > Synchronizing POA and AD User Lockouts. If this package is deployed on domain controllers, AD user account can be unlocked from POA Control Panel. This can be done by customer as well as by Provider.

Customer's administrator can see if the user is locked and unlock them from POA Customer CP:
  1. Open the 'Account' tab
  2. Click on 'Account Settings'
  3. Click 'More Tools'
  4. Click 'Locked Đ“sers'
  5. Select the user from the list and click 'Unlock'

Detailed instructions is available in POA Subscriber's Guide: Unlocking Users.

2. Provider's administrator also can unlock users through Provider Control Panel at System Director > Audit Manager > Locked users:

Additional information can be found in POA Provider's guide: Unlocking Users.

If the 'ADLockoutMonitor' package is not deployed, POA will not know whether or not user is locked in AD and will not be able to unlock the account.

In this case the user can either be unlocked manually in AD by domain administrator or they can wait until account is automatically unlocked after Active Directory lockout duration time expires.

caea8340e2d186a540518d08602aa065 5356b422f65bdad1c3e9edca5d74a1ae e12cea1d47a3125d335d68e6d4e15e07

Email subscription for changes to this article
Save as PDF