Hi Rich,
first, thanks for the answer.
The attribute in the active directory that controls whether the user is
active or not is "userAccountControl" the value for active accounts is
"512" and for deactivated accounts it is "514" ( both decimal ).
There are several more possible values, those can be found here
http://support.microsoft.com/kb/305144
I think there are some more interesting values for synchronization, e.g.
- PASSWORD_EXPIRED
- LOCKOUT
if there is a way to synch this values somehow it would be great.
Regards
Soeren
Rich Megginson <rmeggins(a)redhat.com>
Sent by: fedora-directory-users-bounces(a)redhat.com
09.05.2008 17:34
Please respond to
"General discussion list for the Fedora Directory server project."
<fedora-directory-users(a)redhat.com>
To
"General discussion list for the Fedora Directory server project."
<fedora-directory-users(a)redhat.com>
cc
Subject
Re: [Fedora-directory-users] FDS - AD: sync deactivated status
Sören Malchow wrote:
Dear all,
i have a FDS with synchronization to an AD up and running, everything
including password sync is fine, the only attribute that is needed and
not synching is whether the user is deactivated or not.
I can deactive users seperately in FDS or AD but it does not sync,
after alot of research i could not find a solution for that, can
someone please point me the way ?
That is not currently supported. What is the AD
attribute that tells
whether a user is active or not?
Regards
Soeren
------------------------------------------------------------------------
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users