Unlock locked account in CMS using AspNet Identity

Vote:
 

Hi All,

CMS 11.12.0

I've configured my site to use EPiServer AspNetIdentity as the authentication module. I've also configured user lockout settings in ApplicationBuilderExtensions as per https://world.episerver.com/documentation/developer-guides/CMS/security/episerver-aspnetidentity/

i.e.

manager.UserLockoutEnabledByDefault = true;
manager.DefaultAccountLockoutTimeSpan = TimeSpan.FromDays(365 * 200);
manager.MaxFailedAccessAttemptsBeforeLockout = 5;

I've noticed in the CMS UI when editing a user that the "Account locked (too many failed logon attempts)" is greyed out.  I assume this is a result of the change in authentication OR is there some extra config required to hook this up? i.e. If an account does get locked out I would like to use the existing UI to unlock.

Cheers
Mark

#206432
Aug 21, 2019 9:26
Vote:
 

I think this is because change in authentication. You are not using default authentication provider. 

#206445
Aug 21, 2019 12:58
Vote:
 

yes, thats what I think also, so just wondering if there is config to make it work or something I need to implement?  If not I can just create a plugin that will allow CMS users to update as I can see the values "LockoutEnabled", "LockoutEndDateUtc" and "AccessFailedCount" in "AspNetUsers" getting set correctly.

#206464
Aug 22, 2019 1:14
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.