Helpdesk webapp locks idle user

106 views
Skip to first unread message

john downes

unread,
Sep 11, 2023, 2:19:34 PM9/11/23
to RCDevs Security
Hi,
I am currently using WebADM version 2.2.2. While using the helpdesk webapp we have noticed that When logged on if the user does not log off and allows the browser session to timeout it locks the users account in Active Directory. The user is then presented with a blank white screen if they try and log on again.
Thanks John

Yoann Traut (RCDevs)

unread,
Sep 13, 2023, 5:35:33 AM9/13/23
to RCDevs Security
hello,

Nobody else reported that kind of issue with helpdesk. 
What is your OpenOTP and Heldpesk version ? 

Regards

john downes

unread,
Sep 20, 2023, 1:14:58 AM9/20/23
to RCDevs Security

OpenOTP version is 2.2.2, HelpDesk version is 1.1.1

john downes

unread,
Oct 6, 2023, 11:53:01 AM10/6/23
to RCDevs Security
This was an issue with the end client product not HelpDesk. Thanks for your responses.

john downes

unread,
Jan 12, 2024, 4:20:41 AM1/12/24
to RCDevs Security
We now have users on end clients seeing this issue. When logged onto the helpdesk portal and leaving the page idle for 10 minutes the page times out and the users account is locked in active directory. It appears the page tries to re authenticate using the users credentials 3 times and locks the account. This happens in both edge and chrome browsers. We are using a read only mountpoint for active directory.

john downes

unread,
Jan 12, 2024, 4:27:21 AM1/12/24
to RCDevs Security
We are now seeing this issue occuring on end user devices. If the user leaves the helpdesk portal open and idle for 10 minutes the session timeout appears to try and re authenticate the user session 3 times and locks the user account in active directory. We are using a read only mount point to active directory. This occurs in both edge and chrome browsers. 
On Friday, October 6, 2023 at 4:53:01 PM UTC+1 john downes wrote:

Yoann Traut (RCDevs)

unread,
Jan 12, 2024, 4:27:24 AM1/12/24
to RCDevs Security
Hello, 

That is strange... We have multiple customers using helpdesk application and nobody reported that kind of issues. 
We gonna give a try and let you know our feedback. 

Regards

Yoann Traut (RCDevs)

unread,
Jan 26, 2024, 10:31:51 AM1/26/24
to RCDevs Security
Hello, 

After few tries in different environments and dev investigations, we are not able to reproduce your issue or identify in the code something which can cause the behavior you described. 
We suspect something else related to your infrastructure. 

Regards

Reply all
Reply to author
Forward
0 new messages