User Access Manager Help >> Operation Guide >> Access User >> Denylist User

Denylist User

Denylist user is denied from accessing the network or using recharge cards. They are blocked for the following reasons:

• Locked by Operator: Through Self-Service log analysis, operators find that the access of some users needs to be denied. The operator can add the users to the denylist. This kind of restriction cannot be invalid unless the operator releases the user manually.
• Malicious Login Attempt: The number of unsuccessful password attempts exceeds the limit, and therefore the system considers that an illegal user is trying to gain access to the network. The account is put into the denylist and can be used the next day. The maximum allowed password retries is decided by the Max. Authentication Attempts in the Configure System Parameters part. The administrator can manually release the user from the denylist. The user can be used 15 minutes after it is manually released.
• Nonpayment over specified billing period: Ordinary users that owe fees for a period exceeding the denylist threshold will be added to the denylist and cannot use subscribed services anymore. A user can get out of the denylist immediately by paying for the owed bill, so as to continue to use subscribed services. (This option appears only when the CAMS component is installed.)
• Recharge failures exceeded the threshold: If a user recharging the account with a card fails to input the correct password after trying for the allowed maximum number of times, the user will be added to the denylist and denied any more recharge attempt (note that this does not affect access of the user to the network). Users added to the denylist for this reason will be resumed automatically on the next day. Users can also ask the administrator to delete them manually from the denylist. (This option appears only when the CAMS component is installed.)
• Invalid Client: When a user attempts to access the network using an invalid client, the user is immediately blocked. The user will be automatically released the next day or manually released by an administrator.
• If the security level is set to Denylist and Kick Out for OS password check failures, noncompliant endpoint users will be added to the denylist and then kicked out. The blocked users cannot be automatically released from the denylist. Security Check Failure appears only when the EAD component is installed.

Operation Procedure

1. Select the User tab, and then in the navigation tree select Access User > Denylist User.
2. The Denylist User List provides the following operations:
   • Click the titles of the denylist user list, the list is sorted in specific order. For example, if you click Blocked At, entries are sorted by time.
   • Click a link in the Account Name column to go to the Access Account Information page.
   • Click the link to go to the Denylist Details page.

Functions

• Basic Query
• Advanced Query
• Block/Unblock Users
• Release from Denylist
• Denylist Details

Precautions

• A user blocked by an operator cannot log into the system unless the operator releases the user from denylist.
• Users blocked for malicious login attempts are restricted to log into the system from the same PC on which the users have performed the malicious attempts. The restriction is invalid the next day, so that the user can continue to log into the system with correct username and password.

Related Topics

• Basic User Information Management