[Fedora-directory-users] FDS - AD: sync deactivated status

Paolo Barbato paolo.barbato at igi.cnr.it
Tue May 13 06:50:17 UTC 2008 

I also "sponsor" to add these values in sync. Actually I simply plan  
to give the same expiration date both to AD and FD .

Regards,
Paolo.

On 12/mag/08, at 17:41, Rich Megginson wrote:

> Sören Malchow wrote:
>>
>> Hi Rich,
>>
>> first, thanks for the answer.
>>
>> The attribute in the active directory that controls whether the  
>> user is active or not is "userAccountControl" the value for active  
>> accounts is "512" and for deactivated accounts it is "514" ( both  
>> decimal ).
>>
>> There are several more possible values, those can be found here
>>
>> http://support.microsoft.com/kb/305144
>>
>> I think there are some more interesting values for synchronization,  
>> e.g.
>>
>> - PASSWORD_EXPIRED
>> - LOCKOUT
>>
>> if there is a way to synch this values somehow it would be great.
> There is not a way right now.  However, please file a bug at  
> bugzilla.redhat.com against Fedora Directory Server to request this  
> to be supported.
>>
>> Regards
>> Soeren
>>
>>
>>
>>
>>
>> *Rich Megginson <rmeggins at redhat.com>*
>> Sent by: fedora-directory-users-bounces at redhat.com
>>
>> 09.05.2008 17:34
>> Please respond to
>> "General discussion list for the Fedora Directory server  
>> project."        <fedora-directory-users at redhat.com>
>>
>>
>> 	
>> To
>> 	"General discussion list for the Fedora Directory server project."  
>> <fedora-directory-users at redhat.com>
>> cc
>> 	
>> Subject
>> 	Re: [Fedora-directory-users] FDS - AD: sync deactivated status
>>
>>
>>
>> 	
>>
>>
>>
>>
>>
>> Sören Malchow wrote:
>> >
>> > Dear all,
>> >
>> > i have a FDS with synchronization to an AD up and running,  
>> everything
>> > including password sync is fine, the only attribute that is  
>> needed and
>> > not synching is whether the user is deactivated or not.
>> >
>> > I can deactive users seperately in FDS or AD but it does not sync,
>> > after alot of research i could not find a solution for that, can
>> > someone please point me the way ?
>> That is not currently supported.  What is the AD attribute that tells
>> whether a user is active or not?
>> >
>> >
>> > Regards
>> > Soeren
>> >  
>> ------------------------------------------------------------------------
>> >
>> > --
>> > Fedora-directory-users mailing list
>> > Fedora-directory-users at redhat.com
>> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
>> >
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
>> ------------------------------------------------------------------------
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users

------------------------------------------------------------------------------------------------
Paolo Barbato               email: mailto:paolo.barbato at igi.cnr.it
Network Administrator   phone: (39-049)-829-5097
                                             (39-049)-829-5000
Corso Stati Uniti,4            www: http://www.igi.cnr.it
35127 Camin-Padova       PGP: http://www.igi.cnr.it/wwwpgp/rfx_paolo_barbato.pgp
ITALY                      JabberID: rfx_paolo_barbato at messenger.efda.org
------------------------------------------------------------------------------------------------

More information about the Fedora-directory-users mailing list