Let me start by saying that the ASP.NET Boilerplate Module-Zero LDAP integration is working as expected.
My question is can I override the default behavior of this module.
By default, when an LDAP user first authenticates to the application, it generates a user account for each user and assigns them the default user profile.
My intention is to deny access to the user, until someone manually stubs out their user account and assigns their role (basically turn off auto-user creation).
Please share if you have thoughts on how to achieve this with ASP.NET Boilerplate/Module-Zero.
Following the document How to create external authentication source
I think you can override CreateUserAsync method. After LDAP authentication successfully, create new user and just set him as inactive.