I'm a network admin of and Active Directory environment w/ over 150 users We get a lot of tickets for account unlocks. I've seen tons of commercial products (small list below) but quite frankly the pay per user pricing model is absurd.
There are a couple of tutorials out there on how to design your own but I'm no coder.
We have a 15 minutes timeout but that's a lot of lost production time. And I have 150, but we have another office of 80, and another of 300. And even though we might only get 1 or 2 tickets a day, that adds up.
As to how they would get to such a page if they're locked out? 1) they could use a neighbor's computer or 2) I could potentially setup a little kiosk workstation for the sole purpose of account unlocks.
Not a comprehensive list by a longshot, but here is just a sampling of the tools I've found that do the job, all of which want to be paid far more than I think is appropriate. After all, I think a good coder could do this in a single day, just setup an ASP page that allows a user to enter an email address, answer a secret question, and if the user provides the correct answer is allowed to unlock or change their password. Just write the data to a little Access database! Oh well...
-NewWrix's Password Manager
-Self Service Admin
- ADSelfService Plus
-NetIQ's Secure Password Admin
-Avatier's Password Management
-Tools4Ever's Self Service Reset Password Management