[Freeipa-devel] User status
Martin Kosek
mkosek at redhat.com
Wed Apr 9 12:40:51 UTC 2014
On 04/09/2014 02:37 PM, Massimiliano Perrone (tirasa.net) wrote:
> On 04/09/2014 02:01 PM, Martin Kosek wrote:
>> On 04/09/2014 01:30 PM, Massimiliano Perrone (tirasa.net) wrote:
>>> Hi guys,
>>> is there any way to check the user status on ldap server?
>>>
>>> Thanks and regards,
>>>
>>> Massi
>>>
>> Hello,
>>
>> It depends what you mean by status. We have a command to get a lock/auth status
>> of a user with user-status command:
>>
>> # ipa user-status fbar
>> -----------------------
>> Account disabled: False
>> -----------------------
>> Server: ipa.example.com
>> Failed logins: 0
>> Last successful authentication: 2014-04-09T12:00:39Z
>> Last failed authentication: N/A
>> Time now: 2014-04-09T12:00:42Z
>> ----------------------------
>> Number of entries returned 1
>> ----------------------------
>>
>> Martin
>
> Hi Martin,
> thanks for your quick reply and I'm sorry to have been unclear.
>
> For user status I mean only the value of "Account disabled" label pasted above.
> And if that value is also saved on as ldap server attribute.
>
> Massi
>
You can either see nsaccountlock attribute in user entry in LDAP or a return
value from FreeIPA API:
# ipa user-disable fbar
----------------------------
Disabled user account "fbar"
----------------------------
# ipa user-show fbar
...
Account disabled: True
...
Martin
More information about the Freeipa-devel
mailing list