The documentation for some time has been fairly vague on the difference between a locked and inactive USER within AWA. A couple of questions come to mind:
Release : 12.3
Component : Documentation
What is the difference between locked and inactive?
There is no functional difference between locked and inactive as far as whether a user can login. To be able to log on to the system, the user must be active and not locked. If either of these flags is set, access is denied. The 'User is locked' option was introduced with the support of LDAP authorizations around 2006. A USER object can become locked or inactive the following ways:
There are options in the AWI to show users who are locked, and there are options to show users who are inactive so that Administrators have a way to distinguish between manually altered users by the administrator (inactive) vs. automatically disabled users (locked). This is especially useful in context of LDAP connections, where the user in AE is synced with the state of the LDAP server.
Regarding the second question: The documentation states: "A new User is active by default. Activate User is locked to deactivate it." What does this mean?
It is not clear why this was put in the documentation and it has been there for a very long time. It will be removed in the future.