Locked Users Page Documentation

The Locked Users page in the Mideye Server web interface provides administrators with the ability to view and manage users who have been temporarily or permanently locked out due to exceeding a predefined number of failed login attempts. This feature is useful for enhancing security and preventing brute-force attacks or unauthorized access attempts.

Page Overview

• Username: Displays the username of the locked user.
• LDAP Profile: Indicates the LDAP profile associated with the locked user, if applicable.
• Azure AD: Specifies the Azure Active Directory (Entra ID) profile associated with the locked user, if applicable.
• Num Attempts: Shows the number of failed attempts that led to the user being locked.
• Locked At: Indicates the date and time when the user was locked.
• Locked Until: Shows the date and time when the lock will be lifted (if applicable). A value of 0 indicates a permanent lock.
• Action: Provides options for managing the locked user, such as unlocking the user manually.

Configuring User Locking

From the LDAP Profile Settings

• Activate LDAP User Blocking:
  Enabling this option will cause the system to temporarily lock out a user after a defined number of failed login attempts. The lockout duration can be set to a specific number of minutes, or 0 for a permanent lock.

  • Temporary Lockout: Users will be automatically unlocked after the specified time duration.
  • Permanent Lockout: Users remain locked until manually unlocked by an administrator through the web GUI.

• Entra ID User Locking:
  To enable user locking for Entra ID, navigate to the Azure Active Directory profile and select the User Locking tab. By default, users will be locked out after 10 failed login attempts for a duration of 1 minute. These values can be adjusted to meet specific security needs.

Administrators can use the Locked Users page to manually unblock users as necessary, providing flexibility and control over access management.