Description
This article describes the behavior of user inactive lockout policy for local/remote users.
Solution
- User inactive lockout policy can be configured so that inactive users are disabled after a period of inactivity (It can be configured between 1-1825 days, default 90 days).
- Disabled users will not be able to authenticate via FortiAuthenticator and an admin user has to manually enable the user in order to re-activate the user.
- However, do take note that this option is only applicable for local users defined under User Management -> Local Users, remote users are not affected by this policy.
- For remote users, it is expected for the RADIUS/LDAP/TACACS+ server to implement by returning an authentication failure for the account.
- However, do take note that this option is only applicable for local users defined under User Management -> Local Users, remote users are not affected by this policy.
- For remote users, it is expected for the RADIUS/LDAP/TACACS+ server to implement by returning an authentication failure for the account.
