The "Block Users" feature is available as a Tab on clicking the "Advanced" configuration button against each Self Service Policy. This Advanced option in ADSelfService Plus enhances the security of an end-user's Active Directory account by blocking illegitimate users.
Using this feature,the administrator can block end-users from accessing the software for a defined time interval, when they do not satisfy conditions set here (fail the identity verification process) .
What limits can be set to Block Users
A blocked user does not have the access to "Reset Password" or "Unlock Account" features of this application.
Illustration: If you set the following limits
Maximum invalid attempts '3' within '5' minutes
Block user for '30' minutes
The above illustration implies - if a user fails to answer security questions 3 times in a 5-minute interval,then he would be prevented (blocked) from using ADSelfService Plus for 30 minutes.
This feature helps to "Block Users" who
Are not enrolled with ADSelfService Plus.
Are not pertinent to the corresponding domain.
Guess security answers by using scripts.(Automated guessing attacks).
It allows an administrator to block user (s) who fail the identity verification process.
Selecting this option allows you to limit the number of times users can reset their passwords or unlock their accounts using the product in a given time period.