Associate is locked out

When an associate attempts to log on to the POS application, an error message is displayed that the associate is locked out.

Use the following information to determine the problem’s possible cause and solution.

Possible cause

Multiple log on attempts using wrong password—the POS application is configured to limit the number of successive failed log on attempts using an incorrect password before an associate is locked out. This password rule is compliant with the PA-DSS requirement. For more information, refer to Payment Card Industry (PCI) compliance.

When an associate goes past the specified limit, the POS application displays an error message that the POS application is locked out and blocks any more sign on attempts.

Solution

NCR recommends resetting the POS associate password. Follow these steps on each component and in the following order:

  1. Open a web browser and access the NCR DSR Web API page.
  2. Obtain a security token to authorize the password reset. For more information, refer to Requesting authorization.
  3. Reset the password.

To reset the password, follow these steps:

  1. Access the POST-api-v8-Security-ResetPassword page through this URL:

    http://[NCR DSR Enterprise API Server Name or IP address]/NCRRetailOne/Help/Api/POST-api-v8-Security-ResetPassword

  2. Select Execute API. The following window is displayed.

    The following image uses sample values for the required fields.

  3. Do the following for the required fields:
    • Header—add an authorization header, then paste the ASToken that was generated in the POST api/v8/Security/Login response.
    • newPassword—enter the new password for the associate. Ensure that this password conforms to the Advanced Store system password policy. For more information, refer to Payment Card Industry (PCI) compliance.
    • orgName—use the Corporate organization name.
    • userName—enter the associate ID of the locked-out associate account.
    • password—enter the old password of the associate before the account got locked out from the POS application.
      Note

      This field can have any value or a blank value when the retailer is using the Advanced Store CoreDB database security authenticator.

  4. Select Send. The application displays a response for this request. A 200/OK status indicates a successful request.

Note

To validate that the solution has been applied, open the POS application, and check the Fiddler response. A successful response should log as HTTP/1.1 200 OK.

Follow these steps:

  1. Open the POS application.
  2. Sign on to the POS application using the Associate ID and the new password of the locked-out associate account. The application displays the Password Renewal Screen.

  3. On the Password Renewal screen, enter the current and new password for the associate on its corresponding fields.
  4. Select Accept. The application displays the Transaction Types screen and the associate can now sign on to the POS application.