- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Locking Accounts
Hi, all,
I'm probably missing something obvious, here, and just not phrasing my searches of the Guide correctly, but what's the best way to lock user accounts? I have some administrative holds, adjuncts who aren't currently under contract but may teach again, etc., whose access I need to temporarily disable without the side effects of deleting. I don't want information to disappear; I just need them to not be able to login.
For most users we use SSO, and that's easy: we disable them in AD. But we also have a class of users with Canvas-only accounts using native login, and that's less obvious: if I just change their passwords they can reset them.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Jay,
You're correct if you just change the password the user can reset them. I can think of a couple things you can do.
- Modify the email associated with the account. By changing the email to be something other than what was entered even if they tried to click the reset password they would never receive the email with the link to reset their password.
- You can also hide the reset password link on the Canvas log in page or change the URLof the reset password link. This requires adding some custom javascript and while this works if you have a very tech savvy individual they could go un-hide the reset password link it does add some complexity for them to be able to get to the reset password option.
You could look at using the #last user access to monitor when users were last logged into Canvas.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We change the username in the user's account. This way, even if they try to select the reset password option, the username they enter is not an option. That seems to work for us.
