[Fedora-directory-users] Win Sync and userAccountControl
Rich Megginson
rmeggins at redhat.com
Thu Oct 30 14:41:44 UTC 2008
John Dickinson wrote:
> Hi,
>
> I am testing what happens when you create a new user and sync it to
> AD. Using Fedora DS 1.1.3 and AD 2003 R2 SP2.
>
> If I use the console to create a new user and tick the Enable NT User
> Attributes, Create New NT Account etc the new user appears in AD but
> is disabled.
>
> Looking at the code it seems that send_accountcontrol_modify() gets
> the userAccountControl settings from AD adds 0x0200 (Normal Account)
> and sends it back.
>
> Looking at the traffic between Fedora DS and AD it appears that Fedora
> DS is getting ACCOUNTDISABLE in userAccountControl from AD.
>
> Should FedoraDS be unsetting ACCOUNTDISABLE or should AD not be
> setting it in the first place? If it is a problem with AD then can
> anyone point me to where I tell it to do the right thing?
Does AD have some sort of setting that tells it to disable new
accounts? What happens if you create new accounts directly in AD?
>
> Thanks
> John
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
More information about the Fedora-directory-users
mailing list