I have LDAP users who are getting their accounts set to "blocked". Is there any way LDAP could cause this?

Comments

miglius

ldap_integration does not block the users.

forestmars

Priority: Normal » Minor

Sorry to re-open an old issue, but I just wanted to see what would be involved in setting the Drupal user's account to blocked, if that user is locked on the LDAP server.

While I don't have any realistic expectations that such functionality will be implemented, it is, for some administrators, the expected behaviour.

After poring through the module code, I just wanted to get the maintainer's sense of what would be involved in such a patch.

cgmonroe

Status: Active » Closed (fixed)

Clearing out old support requests - reopen if problem still exists in newest code (dev)

That said... How do you define "user is locked on the LDAP server"? I assume that you are thinking about an ActiveDirectory situation where the domain account has been locked. AFAIK, the LDAP standard / objectClasses don't define a "locked" attribute, so this is "application" specific (e.g. Windows/*Nix PAM). IMHO, this makes it hard to generalize and requires specialty code for each situation. Especially since I think AD locking involves a timestamp and unlock delay settings.

The best way to do this is probably a new module rather than adding it into the code. This module could use the hook_user / 'login' op to test if the user was ldap authenticated (user object properties) and then retrieve and process the ldap attributes to determine blocked status.
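The approach sketched above (a separate Drupal 6 module using hook_user on the 'login' op, checking whether the user was LDAP-authenticated, then reading directory attributes to decide lock status), written out as an added example. This is not code from ldap_integration or from anyone in this thread. It assumes Active Directory semantics (userAccountControl disable bit 0x0002, lockoutTime as a Windows FILETIME, and a site-configured lockout duration); an Open Directory or PAM deployment would need a different predicate in ldap_lockout_is_locked(), since, as noted above, no standard LDAP attribute carries "locked". The module name ldap_lockout, the variable names, and the user-object properties ldap_authentified / ldap_dn are assumptions.

```php
<?php
// Hypothetical module "ldap_lockout" (assumed name, not part of ldap_integration).
// Drupal 6 hook_user(): on the 'login' op, read the account's LDAP entry and block
// the Drupal account if the directory reports it disabled or currently locked out.

// AD userAccountControl flag UF_ACCOUNTDISABLE (documented Microsoft value).
define('LDAP_LOCKOUT_UF_ACCOUNTDISABLE', 0x0002);

/**
 * Implementation of hook_user().
 */
function ldap_lockout_user($op, &$edit, &$account, $category = NULL) {
  if ($op != 'login') {
    return;
  }
  // Assumption: ldap_integration marks LDAP-authenticated users with these two
  // properties. Local-only accounts are left alone.
  if (empty($account->ldap_authentified) || empty($account->ldap_dn)) {
    return;
  }
  $attrs = ldap_lockout_fetch_attributes($account->ldap_dn);
  if ($attrs === FALSE) {
    // Fail open on lookup errors but record them: a missing answer is not proof
    // of lockout, and failing closed would turn an LDAP outage into mass blocking.
    watchdog('ldap_lockout', 'LDAP lookup failed for %dn', array('%dn' => $account->ldap_dn), WATCHDOG_WARNING);
    return;
  }
  if (ldap_lockout_is_locked($attrs, time())) {
    user_save($account, array('status' => 0));
    watchdog('ldap_lockout', 'Blocked %name: directory account disabled or locked out', array('%name' => $account->name), WATCHDOG_NOTICE);
    drupal_set_message(t('Your directory account is locked; this site account has been blocked.'), 'error');
    drupal_goto('logout');
  }
}

/**
 * Decide lock status from raw attribute values (AD semantics, assumed).
 * $attrs is one entry in ldap_get_entries() layout: lowercase attribute name =>
 * array of string values. Returns TRUE if disabled or inside the lockout window.
 */
function ldap_lockout_is_locked(array $attrs, $now) {
  // The disable bit is permanent until an administrator clears it.
  if (isset($attrs['useraccountcontrol'][0])) {
    $uac = (int) $attrs['useraccountcontrol'][0];
    if ($uac & LDAP_LOCKOUT_UF_ACCOUNTDISABLE) {
      return TRUE;
    }
  }
  // lockoutTime is a FILETIME (100 ns ticks since 1601-01-01). AD does not reset it
  // when the lockout expires, so compare against the lockout duration instead of
  // treating any non-zero value as "locked".
  if (isset($attrs['lockouttime'][0]) && $attrs['lockouttime'][0] !== '0') {
    $locked_at = ldap_lockout_filetime_to_unix($attrs['lockouttime'][0]);
    // Assumption: duration (seconds) mirrors the domain policy; 0 means
    // "locked until an administrator unlocks".
    $duration = variable_get('ldap_lockout_duration', 1800);
    if ($duration == 0 || $now < $locked_at + $duration) {
      return TRUE;
    }
  }
  return FALSE;
}

/**
 * Convert a Windows FILETIME string to a Unix timestamp.
 */
function ldap_lockout_filetime_to_unix($filetime) {
  // 11644473600 seconds separate 1601-01-01 and 1970-01-01. Float division keeps
  // the 18-digit FILETIME from overflowing a 32-bit integer.
  return (int) floor($filetime / 10000000) - 11644473600;
}

/**
 * Base-scope read of the user's own entry, fetching only the attributes needed.
 * Returns the entry array or FALSE on any failure.
 */
function ldap_lockout_fetch_attributes($dn) {
  // Assumption: connection settings live in Drupal variables set by an admin form.
  $host = variable_get('ldap_lockout_host', 'ldaps://dc.example.test');
  $bind_dn = variable_get('ldap_lockout_bind_dn', '');
  $bind_pw = variable_get('ldap_lockout_bind_pw', '');
  $conn = ldap_connect($host);
  if (!$conn) {
    return FALSE;
  }
  ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
  ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);
  if (!@ldap_bind($conn, $bind_dn, $bind_pw)) {
    ldap_close($conn);
    return FALSE;
  }
  $result = @ldap_read($conn, $dn, '(objectClass=*)', array('userAccountControl', 'lockoutTime'));
  if (!$result) {
    ldap_close($conn);
    return FALSE;
  }
  $entries = ldap_get_entries($conn, $result);
  ldap_close($conn);
  return ($entries['count'] == 1) ? $entries[0] : FALSE;
}
```

Two design points worth keeping if this is adapted: the read is scoped to the user's own DN with a service bind rather than reusing the user's credentials, so it works even when the directory refuses the user's own bind; and the check fails open on lookup errors, which matches the expectation that a directory outage should not block every Drupal account that happens to log in during it.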

forestmars

This was actually for Open Directory, not ActiveDirectory. Yes, I am not aware of a locked attribute that works across LDAP implementations.

This is no longer an issue for me. WRT your suggested approach, it seems odd in general that there's not a standard here but that would be a clever workaround.

Thanks for the update.