diff --git a/conf/config.inc.php b/conf/config.inc.php
index 0b511f1..e7287a5 100644
--- a/conf/config.inc.php
+++ b/conf/config.inc.php
@@ -141,6 +141,8 @@
 $use_searchlocked = true;
+$use_searchdisabled = true;
+
 $use_searchexpired = true;
 $use_searchwillexpire = true;
@@ -153,6 +155,12 @@
 $use_disableaccount = false;
 $show_enablestatus = false;
+$use_enablecomment = false;
+$use_enablecomment_required = false;
+$use_disablecomment = false;
+$use_disablecomment_required = false;
+
+
 # Local password policy
 # This is applied before directory password policy
 # Minimal length
diff --git a/docs/enableaccount.rst b/docs/enableaccount.rst
index 8b88451..e7f6dee 100644
--- a/docs/enableaccount.rst
+++ b/docs/enableaccount.rst
@@ -31,3 +31,25 @@ To enable this feature:
 .. code-block:: php
 $use_disableaccount = true;
+
+Insert comment
+--------------
+
+This feature displays a comment pop-up when enabling and disabling user accounts.
+
+To enable this feature:
+
+.. code-block:: php
+
+ $use_enablecomment = true;
+ $use_disablecomment = true;
+
+Comment required
+----------------
+
+This feature ensures a comment is required before enabling/disabling a user.
+
+.. code-block:: php
+
+ $use_enablecomment_required = true;
+ $use_disablecomment_required = true;
diff --git a/htdocs/checkpassword.php b/htdocs/checkpassword.php
index 1ed709f..7322625 100644
--- a/htdocs/checkpassword.php
+++ b/htdocs/checkpassword.php
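Review bot: The four new `$use_enablecomment` / `$use_enablecomment_required` / `$use_disablecomment` / `$use_disablecomment_required` switches are added to config.inc.php without any comment, so an administrator cannot tell from the file that the `_required` variants are meant to reject the action when no comment is given rather than merely show the pop-up. Add a short comment above them, e.g. `# Ask for a comment when enabling/disabling an account; the *_required variants refuse the action without one`. The same goes for `$use_searchdisabled` in the first hunk, which is switched on by default while `$use_disableaccount` stays off.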
@@ -30,21 +30,29 @@
 $ldap = $ldap_connection[0];
 $result = $ldap_connection[1];
- if ($use_checkpasswordhistory) {
- $password_history = $ldapInstance->get_attribute_values($dn, "pwdHistory");
- foreach ($password_history as $previous_password) {
- preg_match("/(?<={).*(?=})/", $previous_password, $algorithm);
- preg_match("/{(?<={).*/", $previous_password, $hash);
- if (\Ltb\Password::check_password($password, $hash[0], $algorithm[0])) {
- $result = "passwordinhistory";
+ # DN match
+ if ( !$ldapInstance->matchDn($dn, $dnAttribute, $ldap_user_filter, $ldap_user_base, $ldap_scope) ) {
+ $result = "noentriesfound";
+ error_log("LDAP - $dn not found using the configured search settings, reject request");
+ } else {
+
+ if ($use_checkpasswordhistory) {
+ $password_history = $ldapInstance->get_attribute_values($dn, "pwdHistory");
+ foreach ($password_history as $previous_password) {
+ preg_match("/(?<={).*(?=})/", $previous_password, $algorithm);
+ preg_match("/{(?<={).*/", $previous_password, $hash);
+ if (\Ltb\Password::check_password($password, $hash[0], $algorithm[0])) {
+ $result = "passwordinhistory";
+ }
 }
 }
- }
- if (!$result) {
- $bind = ldap_bind($ldap, $dn, $password);
- $result = $bind ? "passwordok" : "ldaperror";
- }
+ if (!$result) {
+ $bind = ldap_bind($ldap, $dn, $password);
+ $result = $bind ? "passwordok" : "ldaperror";
+ }
+
+ }
 }
 if ($audit_log_file) {
diff --git a/htdocs/disableaccount.php b/htdocs/disableaccount.php
index f54b424..916d9a8 100644
--- a/htdocs/disableaccount.php
+++ b/htdocs/disableaccount.php
@@ -6,6 +6,12 @@
 $result = "";
 $dn = "";
 $password = "";
+$comment = "";
+$returnto = "display";
+
+if (isset($_POST["returnto"]) and $_POST["returnto"]) {
+ $returnto = $_POST["returnto"];
+}
 if (isset($_POST["dn"]) and $_POST["dn"]) {
 $dn = $_POST["dn"];
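Review bot: The new DN-match branch is evaluated unconditionally after `$result = $ldap_connection[1];`, so whatever the connection helper may already have put in `$result` is overwritten with `noentriesfound` and `matchDn()` is called on a handle that may be false, which then logs a misleading "not found" instead of the connection failure. Test the handle first, e.g. `if ($ldap and !$ldapInstance->matchDn(...)) { $result = "noentriesfound"; ... } elseif ($ldap) { ... }`, or keep an enclosing `if ($ldap) {` block as display.php still does. The same pattern appears where this commit replaces `if ($ldap) {` with the DN-match test in disableaccount.php, enableaccount.php, lockaccount.php, resetpassword.php and unlockaccount.php. In all of these hunks `$dn` — taken straight from the request in the account handlers — is interpolated into `error_log()`, so a value containing newlines can forge extra log lines; `preg_replace('/[\r\n]+/', ' ', $dn)` before logging keeps the log line intact. The enclosing `if ($result === "")` block starts outside the hunk.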
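Review bot: `$returnto` is copied from `$_POST` without any validation and, in the last hunk of this file, concatenated into `header('Location: index.php?page='.$returnto.'&dn='.$dn.'&disableaccountresult='.$result);` unencoded, so a caller controls the `page` parameter and can append further query parameters to the redirect. Accept only the pages that can host the button and encode the values: `$returnto = in_array($_POST["returnto"] ?? '', ['display' /* plus the listing pages that link here */], true) ? $_POST["returnto"] : 'display';` and `header('Location: index.php?page='.urlencode($returnto).'&dn='.urlencode($dn).'&disableaccountresult='.$result);` (`$dn` was already unencoded before this change). The same `returnto` handling is introduced in enableaccount.php, lockaccount.php and unlockaccount.php.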
@@ -13,6 +19,11 @@
 $result = "dnrequired";
 }
+if (isset($_POST["comment"]) and $_POST["comment"]) {
+ $comment = $_POST["comment"];
+}
+
+
 if (!$use_disableaccount) {
 $result = "actionforbidden";
 }
@@ -28,7 +39,11 @@
 $ldap = $ldap_connection[0];
 $result = $ldap_connection[1];
- if ($ldap) {
+ # DN match
+ if ( !$ldapInstance->matchDn($dn, $dnAttribute, $ldap_user_filter, $ldap_user_base, $ldap_scope) ) {
+ $result = "noentriesfound";
+ error_log("LDAP - $dn not found using the configured search settings, reject request");
+ } else {
 if ( $directory->disableAccount($ldap, $dn) ) {
 $result = "accountdisabled";
 } else {
@@ -38,7 +53,7 @@
 }
 if ($audit_log_file) {
- auditlog($audit_log_file, $dn, $audit_admin, "disableaccount", $result);
+ auditlog($audit_log_file, $dn, $audit_admin, "disableaccount", $result, $comment);
 }
-header('Location: index.php?page=display&dn='.$dn.'&disableaccountresult='.$result);
+header('Location: index.php?page='.$returnto.'&dn='.$dn.'&disableaccountresult='.$result);
diff --git a/htdocs/display.php b/htdocs/display.php
index 8413070..2bac508 100644
--- a/htdocs/display.php
+++ b/htdocs/display.php
@@ -64,6 +64,12 @@
 if ($ldap) {
+ # DN match
+ if ( !$ldapInstance->matchDn($dn, $dnAttribute, $ldap_user_filter, $ldap_user_base, $ldap_scope) ) {
+ $result = "noentriesfound";
+ error_log("LDAP - $dn not found using the configured search settings, reject request");
+ } else {
+
 # Search attributes
 $attributes = array();
 $search_items = array_merge($display_items, $display_password_items);
@@ -80,8 +86,8 @@
 $result = "ldaperror";
 error_log("LDAP - Search error $errno (".ldap_error($ldap).")");
 } else {
- $entry = ldap_get_entries($ldap, $search);
- }
+
+ $entry = ldap_get_entries($ldap, $search);
 # Sort attributes values
 foreach ($entry[0] as $attr => $values) {
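Review bot: `$use_disablecomment_required` is only assigned to Smarty in index.php; this handler reads `$comment` from `$_POST`, treats an absent value as `""` and proceeds to disable the account anyway, so the "required" setting is enforced by the browser form only. Reject the request server-side before any LDAP work, right after this block: `if ($use_disablecomment_required and $comment === "") { $result = "commentrequired"; }` (the result key is a constructed placeholder — add a matching message to lang/*.inc.php, as `dnrequired` has). enableaccount.php needs the same check against `$use_enablecomment_required`. Note also that `$comment` is written verbatim into the audit log by the later `auditlog(..., $comment)` call, so newlines in it break the one-event-per-line format the audit reader depends on; strip them the way `$dn` should be stripped.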
@@ -96,8 +102,8 @@
 # Get password policy configuration
 $pwdPolicyConfiguration = $directory->getPwdPolicyConfiguration($ldap, $dn, $ldap_default_ppolicy);
- if ($ldap_lockout_duration) { $pwdPolicyConfiguration['lockout_duration'] = $ldap_lockout_durantion; }
- if ($ldap_password_max_age) { $pwdPolicyConfiguration['password_max_age'] = $ldap_password_max_age; }
+ if (isset($ldap_lockout_duration) and $ldap_lockout_duration) { $pwdPolicyConfiguration['lockout_duration'] = $ldap_lockout_duration; }
+ if (isset($ldap_password_max_age) and $ldap_password_max_age) { $pwdPolicyConfiguration['password_max_age'] = $ldap_password_max_age; }
 if ($display_edit_link) {
 # Replace {dn} in URL
@@ -118,7 +124,7 @@
 $isAccountEnabled = $directory->isAccountEnabled($ldap, $dn);
 }
- }
+ }}}
 }
 $smarty->assign("entry", $entry[0]);
diff --git a/htdocs/enableaccount.php b/htdocs/enableaccount.php
index 0756186..166eeef 100644
--- a/htdocs/enableaccount.php
+++ b/htdocs/enableaccount.php
@@ -5,16 +5,27 @@
 $result = "";
 $dn = "";
-$password = "";
+$comment = "";
+$returnto = "display";
+
+if (isset($_POST["returnto"]) and $_POST["returnto"]) {
+ $returnto = $_POST["returnto"];
+}
 if (isset($_POST["dn"]) and $_POST["dn"]) {
 $dn = $_POST["dn"];
+} else if (isset($_GET["dn"]) and $_GET["dn"]) {
+ $dn = $_GET["dn"];
 } else {
 $result = "dnrequired";
 }
-if (!$use_enableaccount) {
- $result = "actionforbidden";
+if (isset($_GET["returnto"]) and $_GET["returnto"]) {
+ $returnto = $_GET["returnto"];
+}
+
+if (isset($_POST["comment"]) and $_POST["comment"]) {
+ $comment = $_POST["comment"];
 }
 if ($result === "") {
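Review bot: The `}}}` line added at the end of the display.php section closes three blocks at once — the new DN-match `else`, the search-success `else` whose own `}` the second hunk removed, and the original `if ($ldap)` — while the roughly sixty lines now nested inside keep their old indentation, so the control flow can no longer be checked by eye. Put each brace on its own line with a trailing marker, e.g. `} # search ok`, `} # dn matched`, `} # ldap`, or re-indent the enclosed block. Moving the sort-and-policy code inside the search-success branch looks like a deliberate fix for the undefined `$entry` on search failure, but `$smarty->assign("entry", $entry[0]);` on the next context line still runs in that case; guarding it on `$result` is worth doing in the same change. The block being closed here starts outside the hunk.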
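Review bot: This hunk deletes `if (!$use_enableaccount) { $result = "actionforbidden"; }` from enableaccount.php, whereas disableaccount.php keeps its counterpart; the only remaining protection is the `$page = "welcome"` rewrite added in index.php, so the handler no longer refuses the action on its own if it is reached any other way. Keep the three-line check in the handler — it is cheap and makes the file safe in isolation. The same hunk starts accepting `dn` from `$_GET`, so enabling an account becomes reachable from a plain link (unlockaccount.php already has this pattern, so it appears intentional), and `$_GET["returnto"]` is read after the `$_POST` block and silently overrides it; if GET is meant only as a fallback, mirror the `dn` handling with `else if` instead.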
@@ -28,7 +39,11 @@
 $ldap = $ldap_connection[0];
 $result = $ldap_connection[1];
- if ($ldap) {
+ # DN match
+ if ( !$ldapInstance->matchDn($dn, $dnAttribute, $ldap_user_filter, $ldap_user_base, $ldap_scope) ) {
+ $result = "noentriesfound";
+ error_log("LDAP - $dn not found using the configured search settings, reject request");
+ } else {
 if ( $directory->enableAccount($ldap, $dn) ) {
 $result = "accountenabled";
 } else {
@@ -38,7 +53,7 @@
 }
 if ($audit_log_file) {
- auditlog($audit_log_file, $dn, $audit_admin, "enableaccount", $result);
+ auditlog($audit_log_file, $dn, $audit_admin, "enableaccount", $result, $comment);
 }
-header('Location: index.php?page=display&dn='.$dn.'&enableaccountresult='.$result);
+header('Location: index.php?page='.$returnto.'&dn='.$dn.'&enableaccountresult='.$result);
diff --git a/htdocs/index.php b/htdocs/index.php
index 61b9363..a1f6dbb 100644
--- a/htdocs/index.php
+++ b/htdocs/index.php
@@ -85,6 +85,8 @@
 break;
 }
+$dnAttribute = $directory->getDnAttribute();
+
 #==============================================================================
 # Other default values
 #==============================================================================
@@ -130,6 +132,12 @@
 $smarty->setCompileDir($compile_dir);
 $smarty->setCacheDir($cache_dir);
 $smarty->debugging = $smarty_debug;
+function sha256($string)
+{
+ return hash("sha256",$string);
+}
+$smarty->registerPlugin("modifier","sha256", "sha256");
+$smarty->registerPlugin("modifier","is_array", "is_array");
 if(isset($smarty_debug) && $smarty_debug == true ) {
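Review bot: `function sha256($string)` is declared as a global function in the middle of index.php, a file that otherwise only executes statements; besides mixing declarations with side effects, any other included code that defines a `sha256()` helper turns into a fatal redeclaration error at request time. Register a closure instead and keep the file declaration-free: `$smarty->registerPlugin("modifier", "sha256", fn($s) => hash("sha256", $s));` (the codebase already uses `fn` in lib/audit.inc.php). The `is_array` registration on the next line is fine as it is.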
@@ -178,6 +186,7 @@
 $smarty->assign('show_expirestatus',$show_expirestatus);
 $smarty->assign('display_password_expiration_date',$display_password_expiration_date);
 $smarty->assign('use_searchlocked',$use_searchlocked);
+$smarty->assign('use_searchdisabled',$use_searchdisabled);
 $smarty->assign('use_searchexpired',$use_searchexpired);
 $smarty->assign('use_searchwillexpire',$use_searchwillexpire);
 $smarty->assign('use_searchidle',$use_searchidle);
@@ -186,6 +195,10 @@
 $smarty->assign('use_enableaccount',$use_enableaccount);
 $smarty->assign('use_disableaccount',$use_disableaccount);
 $smarty->assign('show_enablestatus',$show_enablestatus);
+$smarty->assign('use_enablecomment',$use_enablecomment);
+$smarty->assign('use_enablecomment_required',$use_enablecomment_required);
+$smarty->assign('use_disablecomment',$use_disablecomment);
+$smarty->assign('use_disablecomment_required',$use_disablecomment_required);
 # Assign messages
@@ -240,7 +253,9 @@
 if ( $page === "checkpassword" and !$use_checkpassword ) { $page = "welcome"; }
 if ( $page === "resetpassword" and !$use_resetpassword ) { $page = "welcome"; }
 if ( $page === "unlockaccount" and !$use_unlockaccount ) { $page = "welcome"; }
+if ( $page === "enableaccount" and !$use_enableaccount ) { $page = "welcome"; }
 if ( $page === "searchlocked" and !$use_searchlocked ) { $page = "welcome"; }
+if ( $page === "searchdisabled" and !$use_searchdisabled ) { $page = "welcome"; }
 if ( $page === "searchexpired" and !$use_searchexpired ) { $page = "welcome"; }
 if ( $page === "searchwillexpire" and !$use_searchwillexpire ) { $page = "welcome"; }
 if ( $page === "searchidle" and !$use_searchidle ) { $page = "welcome"; }
diff --git a/htdocs/lockaccount.php b/htdocs/lockaccount.php
index ad22e95..102e5c3 100644
--- a/htdocs/lockaccount.php
+++ b/htdocs/lockaccount.php
@@ -6,6 +6,11 @@
 $result = "";
 $dn = "";
 $comment = "";
+$returnto = "display";
+
+if (isset($_POST["returnto"]) and $_POST["returnto"]) {
+ $returnto = $_POST["returnto"];
+}
 if (isset($_POST["dn"]) and $_POST["dn"]) {
 $dn = $_POST["dn"];
@@ -28,11 +33,14 @@
 $ldap = $ldap_connection[0];
 $result = $ldap_connection[1];
- if ($ldap)
- {
+ # DN match
+ if ( !$ldapInstance->matchDn($dn, $dnAttribute, $ldap_user_filter, $ldap_user_base, $ldap_scope) ) {
+ $result = "noentriesfound";
+ error_log("LDAP - $dn not found using the configured search settings, reject request");
+ } else {
 # Get password policy configuration
 $pwdPolicyConfiguration = $directory->getPwdPolicyConfiguration($ldap, $dn, $ldap_default_ppolicy);
- if ($ldap_lockout_duration) { $pwdPolicyConfiguration['lockout_duration'] = $ldap_lockout_durantion; }
+ if ($ldap_lockout_duration) { $pwdPolicyConfiguration['lockout_duration'] = $ldap_lockout_duration; }
 if ($ldap_password_max_age) { $pwdPolicyConfiguration['password_max_age'] = $ldap_password_max_age; }
 # Apply the modification only the password can be locked
@@ -50,4 +58,4 @@
 auditlog($audit_log_file, $dn, $audit_admin, "lockaccount", $result, $comment);
 }
-header('Location: index.php?page=display&dn='.$dn.'&lockaccountresult='.$result);
+header('Location: index.php?page='.$returnto.'&dn='.$dn.'&lockaccountresult='.$result);
diff --git a/htdocs/resetpassword.php b/htdocs/resetpassword.php
index db9e565..f442038 100644
--- a/htdocs/resetpassword.php
+++ b/htdocs/resetpassword.php
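Review bot: The `$ldap_lockout_durantion` typo fix in lockaccount.php keeps the bare `if ($ldap_lockout_duration)` test, while display.php, searchexpired.php, searchlocked.php and searchwillexpire.php in this same commit change the identical pair of lines to `if (isset($ldap_lockout_duration) and $ldap_lockout_duration)`; a configuration that leaves either variable unset will therefore still raise an undefined-variable warning here only. Apply the same form to both lines: `if (isset($ldap_lockout_duration) and $ldap_lockout_duration) { $pwdPolicyConfiguration['lockout_duration'] = $ldap_lockout_duration; }` and `if (isset($ldap_password_max_age) and $ldap_password_max_age) { $pwdPolicyConfiguration['password_max_age'] = $ldap_password_max_age; }`. The `else` block opened by the DN-match test continues past the end of the hunk.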
@@ -42,8 +42,11 @@
 $ldap = $ldap_connection[0];
 $result = $ldap_connection[1];
- if ($ldap) {
-
+ # DN match
+ if ( !$ldapInstance->matchDn($dn, $dnAttribute, $ldap_user_filter, $ldap_user_base, $ldap_scope) ) {
+ $result = "noentriesfound";
+ error_log("LDAP - $dn not found using the configured search settings, reject request");
+ } else {
 if ( isset($prehook) || isset($posthook) ) {
 $login_search = ldap_read($ldap, $dn, '(objectClass=*)', array($prehook_login, $posthook_login));
 $login_entry = ldap_first_entry( $ldap, $login_search );
diff --git a/htdocs/searchdisabled.php b/htdocs/searchdisabled.php
new file mode 100644
index 0000000..cc3d66f
--- /dev/null
+++ b/htdocs/searchdisabled.php
@@ -0,0 +1,45 @@
+search($ldap_user_filter, array(), $attributes_map, $search_result_title, $search_result_sortby, $search_result_items, $ldap_scope);
+
+if ( !empty($entries) )
+{
+
+ # Check if entry is still locked
+ foreach($entries as $entry_key => $entry) {
+
+ $isEnabled = $directory->isAccountEnabled($ldap, $entry['dn']);
+
+ if ( $isEnabled === true ) {
+ unset($entries[$entry_key]);
+ $nb_entries--;
+ }
+
+ }
+
+ $smarty->assign("page_title", "disabledaccounts");
+ if ($nb_entries === 0) {
+ $result = "noentriesfound";
+ } else {
+ $smarty->assign("nb_entries", $nb_entries);
+ $smarty->assign("entries", $entries);
+ $smarty->assign("size_limit_reached", $size_limit_reached);
+
+ $columns = $search_result_items;
+ if (! in_array($search_result_title, $columns)) array_unshift($columns, $search_result_title);
+ $smarty->assign("listing_columns", $columns);
+ $smarty->assign("listing_linkto", isset($search_result_linkto) ? $search_result_linkto : array($search_result_title));
+ $smarty->assign("listing_sortby", array_search($search_result_sortby, $columns));
+ $smarty->assign("show_undef", $search_result_show_undefined);
+ $smarty->assign("truncate_value_after", $search_result_truncate_value_after);
+ if ($use_enableaccount) { $smarty->assign("display_enable_button", true); }
+ }
+}
+
+?>
diff --git a/htdocs/searchexpired.php b/htdocs/searchexpired.php
index 8676733..658f3e0 100644
--- a/htdocs/searchexpired.php
+++ b/htdocs/searchexpired.php
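Review bot: The loop comment `# Check if entry is still locked` in the new searchdisabled.php is carried over from searchlocked.php and describes the wrong condition — the loop removes entries whose account `isAccountEnabled()` reports as enabled — so it should read `# Drop entries whose account is (again) enabled`. Two smaller points in the same hunk: `in_array($search_result_title, $columns)` uses loose comparison and should pass `true` as the third argument, and the trailing `?>` is unnecessary in a PHP-only file and is a classic source of stray output before `header()` calls. The hunk appears truncated at `+search(`: the file's opening lines are not visible here, so nothing before the search call could be reviewed.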
@@ -15,8 +15,8 @@
 # Get password policy configuration
 $pwdPolicyConfiguration = $directory->getPwdPolicyConfiguration($ldap, $entry["dn"], $ldap_default_ppolicy);
- if ($ldap_lockout_duration) { $pwdPolicyConfiguration['lockout_duration'] = $ldap_lockout_durantion; }
- if ($ldap_password_max_age) { $pwdPolicyConfiguration['password_max_age'] = $ldap_password_max_age; }
+ if (isset($ldap_lockout_duration) and $ldap_lockout_duration) { $pwdPolicyConfiguration['lockout_duration'] = $ldap_lockout_duration; }
+ if (isset($ldap_password_max_age) and $ldap_password_max_age) { $pwdPolicyConfiguration['password_max_age'] = $ldap_password_max_age; }
 $isExpired = $directory->isPasswordExpired($ldap, $entry["dn"], $pwdPolicyConfiguration);
diff --git a/htdocs/searchlocked.php b/htdocs/searchlocked.php
index 8b10b35..f16edfc 100644
--- a/htdocs/searchlocked.php
+++ b/htdocs/searchlocked.php
@@ -16,8 +16,8 @@
 # Get password policy configuration
 $pwdPolicyConfiguration = $directory->getPwdPolicyConfiguration($ldap, $entry["dn"], $ldap_default_ppolicy);
- if ($ldap_lockout_duration) { $pwdPolicyConfiguration['lockout_duration'] = $ldap_lockout_durantion; }
- if ($ldap_password_max_age) { $pwdPolicyConfiguration['password_max_age'] = $ldap_password_max_age; }
+ if (isset($ldap_lockout_duration) and $ldap_lockout_duration) { $pwdPolicyConfiguration['lockout_duration'] = $ldap_lockout_duration; }
+ if (isset($ldap_password_max_age) and $ldap_password_max_age) { $pwdPolicyConfiguration['password_max_age'] = $ldap_password_max_age; }
 $isLocked = $directory->isLocked($ldap, $entry['dn'], $pwdPolicyConfiguration);
diff --git a/htdocs/searchwillexpire.php b/htdocs/searchwillexpire.php
index 75c609d..2f9523d 100644
--- a/htdocs/searchwillexpire.php
+++ b/htdocs/searchwillexpire.php
@@ -15,8 +15,8 @@
 # Get password policy configuration
 $pwdPolicyConfiguration = $directory->getPwdPolicyConfiguration($ldap, $entry["dn"], $ldap_default_ppolicy);
- if ($ldap_lockout_duration) { $pwdPolicyConfiguration['lockout_duration'] = $ldap_lockout_durantion; }
- if ($ldap_password_max_age) { $pwdPolicyConfiguration['password_max_age'] = $ldap_password_max_age; }
+ if (isset($ldap_lockout_duration) and $ldap_lockout_duration) { $pwdPolicyConfiguration['lockout_duration'] = $ldap_lockout_duration; }
+ if (isset($ldap_password_max_age) and $ldap_password_max_age) { $pwdPolicyConfiguration['password_max_age'] = $ldap_password_max_age; }
 $isWillExpire = false;
 $expirationDate = $directory->getPasswordExpirationDate($ldap, $entry["dn"], $pwdPolicyConfiguration);
diff --git a/htdocs/unlockaccount.php b/htdocs/unlockaccount.php
index 388e6ba..0f1664b 100644
--- a/htdocs/unlockaccount.php
+++ b/htdocs/unlockaccount.php
@@ -8,6 +8,10 @@
 $comment = "";
 $returnto = "display";
+if (isset($_POST["returnto"]) and $_POST["returnto"]) {
+ $returnto = $_POST["returnto"];
+}
+
 if (isset($_POST["dn"]) and $_POST["dn"]) {
 $dn = $_POST["dn"];
 } else if (isset($_GET["dn"]) and $_GET["dn"]) {
@@ -35,7 +39,11 @@
 $ldap = $ldap_connection[0];
 $result = $ldap_connection[1];
- if ($ldap) {
+ # DN match
+ if ( !$ldapInstance->matchDn($dn, $dnAttribute, $ldap_user_filter, $ldap_user_base, $ldap_scope) ) {
+ $result = "noentriesfound";
+ error_log("LDAP - $dn not found using the configured search settings, reject request");
+ } else {
 if ( $directory->unlockAccount($ldap, $dn) ) {
 $result = "accountunlocked";
 } else {
diff --git a/lang/en.inc.php b/lang/en.inc.php
index 4024a51..2d67990 100644
--- a/lang/en.inc.php
+++ b/lang/en.inc.php
@@ -26,6 +26,7 @@
 $messages['currentpassword'] = "Current password";
 $messages['dashboards'] = "Dashboards";
 $messages['disableaccount'] = "Disable account";
+$messages['disabledaccounts'] = "Disabled accounts";
 $messages['displayentry'] = "Display entry";
 $messages['dnrequired'] = "Entry identifier required";
 $messages['editentry'] = "Edit entry";
diff --git a/lang/fr.inc.php b/lang/fr.inc.php
index da19091..e8f272d 100644
--- a/lang/fr.inc.php
+++ b/lang/fr.inc.php
@@ -8,13 +8,13 @@
 $messages['accountdisabled'] = "Le compte est désactivé";
 $messages['auditlogs'] = "Audit";
 $messages['auditlogtitle'] = "Traces d'audit pour les $audit_log_days derniers jours";
-$messages['accountlocked'] = "Le compte est bloqué";
+$messages['accountlocked'] = "Le compte est verrouillé";
 $messages['accountnotdisabled'] = "Échec de la désactivation du compte";
 $messages['accountnotenabled'] = "Échec de l'activation du compte";
-$messages['accountnotlocked'] = "Échec de blocage du compte";
-$messages['accountnotunlocked'] = "Échec de déblocage du compte";
+$messages['accountnotlocked'] = "Échec de verrouillage du compte";
+$messages['accountnotunlocked'] = "Échec de déverrouillage du compte";
 $messages['accountstatus'] = "Statut du compte";
-$messages['accountunlocked'] = "Le compte n'est pas bloqué";
+$messages['accountunlocked'] = "Le compte n'est pas verrouillé";
 $messages['actionforbidden'] = "Action interdite";
 $messages['changesubject'] = "Votre mot de passe a été changé";
 $messages['changesubjectforadmin'] = "Le mot de passe d'un utilisateur a été changé";
@@ -26,6 +26,7 @@
 $messages['currentpassword'] = "Mot de passe actuel";
 $messages['dashboards'] = "Tableaux de bord";
 $messages['disableaccount'] = "Désactiver le compte";
+$messages['disabledaccounts'] = "Comptes désactivés";
 $messages['displayentry'] = "Afficher l'entrée";
 $messages['dnrequired'] = "L'identifiant de l'entrée est requis";
 $messages['editentry'] = "Modifier l'entrée";
@@ -75,7 +76,7 @@
 $messages['label_phone'] = "Téléphone";
 $messages['label_postaladdress'] = "Adresse";
 $messages['label_postalcode'] = "Code postal";
-$messages['label_pwdaccountlockedtime'] = "Date de blocage";
+$messages['label_pwdaccountlockedtime'] = "Date de verrouillage";
 $messages['label_pwdchangedtime'] = "Dernier changement de mot de passe";
 $messages['label_pwdfailuretime'] = "Derniers échecs d'authentification";
 $messages['label_pwdgraceusetime'] = "Dernières authentifications en grâce";
@@ -89,8 +90,8 @@
 $messages['label_title'] = "Titre";
 $messages['label_user_dn'] = "Utilisateur";
 $messages['ldaperror'] = "Erreur de communication avec l'annuaire LDAP";
-$messages['lockaccount'] = "Bloquer le compte";
-$messages['lockedaccounts'] = "Comptes bloqués";
+$messages['lockaccount'] = "Verrouiller le compte";
+$messages['lockedaccounts'] = "Comptes verrouillés";
 $messages['logout'] = "Déconnexion";
 $messages['newpassword'] = "Nouveau mot de passe";
 $messages['noentriesfound'] = "Aucune entrée trouvée";
@@ -114,7 +115,7 @@
 $messages['tooltip_emailto'] = "Envoyer un email";
 $messages['tooltip_phoneto'] = "Composer ce numéro";
 $messages['true'] = "Oui";
-$messages['unlockaccount'] = "Débloquer le compte";
+$messages['unlockaccount'] = "Déverrouiller le compte";
 $messages['unlockdate'] = "Date de déblocage automatique :";
 $messages['welcome'] = "Bienvenue sur le guichet de service LDAP Tool Box";
 $messages['willexpireaccounts'] = "Mots de passe bientôt expirés";
diff --git a/lib/audit.inc.php b/lib/audit.inc.php
index 05e4b70..33ef1d7 100644
--- a/lib/audit.inc.php
+++ b/lib/audit.inc.php
@@ -44,8 +44,8 @@ function displayauditlog($audit_log_file, $audit_log_days, $audit_log_sortby, $a
 }
 function dateSort(array &$events, $sortkey, $audit_log_reverse) {
- $reverse_order = fn($a, $b) => strtotime($a[$sortkey]) < strtotime($b[$sortkey]);
- $normal_order = fn($a, $b) => strtotime($a[$sortkey]) > strtotime($b[$sortkey]);
+ $reverse_order = fn($a, $b) => strtotime($b[$sortkey]) <=> strtotime($a[$sortkey]);
+ $normal_order = fn($a, $b) => strtotime($a[$sortkey]) <=> strtotime($b[$sortkey]);
 if ($audit_log_reverse) {
 usort($events, $reverse_order);
diff --git a/templates/comment.tpl b/templates/comment.tpl
index 8550a87..505552c 100644
--- a/templates/comment.tpl
+++ b/templates/comment.tpl
@@ -1,13 +1,20 @@
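Review bot: Both new comparators pass the result of `strtotime()` straight to `<=>`, and `strtotime()` returns `false` for a timestamp it cannot parse, so a corrupt or truncated audit line is silently sorted as if it were the oldest event instead of being surfaced. If the audit file can be hand-edited or truncated, treat `false` as an error (skip the event or log it) rather than a timestamp. The reverse comparator can also be derived from the normal one, `fn($a, $b) => $normal_order($b, $a)`, so the two cannot diverge again as they did before this fix. The `usort` call for the non-reverse branch lies outside the hunk.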
-