[Fedora-directory-users] Win Sync and userAccountControl
John Dickinson
jad at jadickinson.co.uk
Thu Oct 30 10:00:15 UTC 2008
Hi,
I am testing what happens when you create a new user and sync it to
AD. Using Fedora DS 1.1.3 and AD 2003 R2 SP2.
If I use the console to create a new user and tick the Enable NT User
Attributes, Create New NT Account etc the new user appears in AD but
is disabled.
Looking at the code it seems that send_accountcontrol_modify() gets
the userAccountControl settings from AD adds 0x0200 (Normal Account)
and sends it back.
Looking at the traffic between Fedora DS and AD it appears that Fedora
DS is getting ACCOUNTDISABLE in userAccountControl from AD.
Should FedoraDS be unsetting ACCOUNTDISABLE or should AD not be
setting it in the first place? If it is a problem with AD then can
anyone point me to where I tell it to do the right thing?
Thanks
John
More information about the Fedora-directory-users
mailing list