Last post Mar 15, 2013 04:44 PM by march11
Mar 15, 2013 03:20 PM|Loganix77|LINK
This is an informational post to try and help people find the information I was looking for more quickly.
I know there are people out there that will argue that my need for this function is a result of not setting my memberships up in a more productive fashion, but I really didn't want to go back and redesign all my pages to make up for this short-sightedness
(sp?). Long story short what I've run into is that my site will allow you to request an account but it will not let you register on the site unless I manually approve it. This is for a company Intranet and because of the low volume of requests it seemed
the easiest way to handle it at the time. The problem is that even at the very basic level of access, there are sensitive items that I didn't want available to the public. Sometimes it is neccessary for me to give someone temporary access to the site. Rather
than having to delete their account after we are finished I wanted to be able to have an account I could just turn on and off as desired (lock/unlock). The built-in functions allow for IsApproved = True/False or User.UnlockUser(), but I couldn't find a User.LockUser()
function anywhere. I googled searched for a while but everything kept taking me back to "IsApproved" true/false. This would not however, stop a user from authenticating and gaining access to the root of our site.
In the process of searching I saw many other people asking the same question but they couldn't find an answer on how to "Lock" a user account. As I stated before all the posts I saw kept pointing back to IsApproved = True/False. My hope is that this thread
might save future people some time. It doesn't look like ASP .NET has a built-in module for locking a useraccount, just unlocking. So if, like me, you find yourself in need of the ability to lock user accounts you might find this next little bit of code
helpful. I have a process to first find and select a user account. Please use what ever works best for you here. For my scenario with right around 25 accounts, I elected to just use a dropdownlist, but any method that will allow you to access their asp
.net membershipuser information will work fine. Beyond that I have two buttons that change on selected item change, button lock and button unlock. They switch their enabled property back and forth based on the selected user's locked status. Once you can
grab your user's account information you'll need some code like this to manually lock their account:
Sub BtnLock_Click(ByVal sender As Object, ByVal e As EventArgs) Handles BtnLock.Click
Dim strUser As String = DLUsers.SelectedValue
Dim usr As MembershipUser = Membership.GetUser(strUser)
Dim strSQL As String = "Update aspnet_Membership set IsLockedOut = 1 Where LoweredEmail = '" & LCase(usr.Email) & "'"
'This connection string needs to match your webconfig file for your asp .net application database
Dim cnStr As String = ConfigurationManager.ConnectionStrings("ApplicationServices").ConnectionString
Dim cnn As New Data.SqlClient.SqlConnection(cnStr)
Dim cmd As New Data.SqlClient.SqlCommand(strSQL, cnn)
BtnLock.Enabled = False
BtnUnlock.Enabled = True
Catch ex As Exception
I hope this saves someone else the time I spent looking for it.
Mar 15, 2013 04:44 PM|march11|LINK
You might want to check this out. It is a favbulous tool for site admin of user accounts, using roles in the membership. I found it very worth going back and recoding my site to use this. Very efficient.