Closed pschuler78 closed 7 years ago
An user which is deactivated or in user state locked can still login. The identity framework does not consider the account status.
When the user is set to disabled by the FLS client, the lockout enabled flag must be enabled and the lockout end date must be set to maximum.
See also: https://stackoverflow.com/questions/32951260/how-to-disable-a-user-in-identity-2-0 https://aspnetidentity.codeplex.com/discussions/530201
An user which is deactivated or in user state locked can still login. The identity framework does not consider the account status.
When the user is set to disabled by the FLS client, the lockout enabled flag must be enabled and the lockout end date must be set to maximum.
See also: https://stackoverflow.com/questions/32951260/how-to-disable-a-user-in-identity-2-0 https://aspnetidentity.codeplex.com/discussions/530201