Hi All,

I've got a question about locking users out.

On the admin/editUser page, the checkbox is available for IsLockedOut. If the user is not locked out, the checkbox is disabled. If the user is locked out, the checkbox is enabled and admins can unlock the user. So how do you go about actually locking a user out.

In the book it is simply stated that "users can't be locked out from here", but it gives no leads on how to actually allow admins to lock a user out.

I've looked through the Membership object methods and no 'LockUser' method exists, only 'UnlockUser'. Certainly this must be possible, but from where?

Thanks

Also, does it seem a little short sighted of Microsoft to only provide half of this functionality through the Membership object to anyone else? What is so special about locking a user that it wouldn't be included as a method?

Hi in the webconfig you have this line of code

maxInvalidPasswordAttempts="5"

And this means that if a user logs on 5 times with incorrect information he will be LockOut.

So that is what it is used for.

FT, thanks for the reply, but it's not quite what I'm looking for..

I understand the method you described, but what I'm looking for is being able to lock a user out manually as an Administrator.

Say you have some guy spamming up your boards or posting things you don't want posted, like porn or adverts, et al, how do you go about locking that guy out? Incorrectly logging as his userName 5 times?
See what I mean? Certainly there has to be a way to set up manual user locking for the admins.