On 04/09/2014 02:37 PM, Massimiliano Perrone (tirasa.net) wrote: > On 04/09/2014 02:01 PM, Martin Kosek wrote: >> On 04/09/2014 01:30 PM, Massimiliano Perrone (tirasa.net) wrote: >>> Hi guys, >>> is there any way to check the user status on ldap server? >>> >>> Thanks and regards, >>> >>> Massi >>> >> Hello, >> >> It depends what you mean by status. We have a command to get a lock/auth >> status >> of a user with user-status command: >> >> # ipa user-status fbar >> ----------------------- >> Account disabled: False >> ----------------------- >> Server: ipa.example.com >> Failed logins: 0 >> Last successful authentication: 2014-04-09T12:00:39Z >> Last failed authentication: N/A >> Time now: 2014-04-09T12:00:42Z >> ---------------------------- >> Number of entries returned 1 >> ---------------------------- >> >> Martin > > Hi Martin, > thanks for your quick reply and I'm sorry to have been unclear. > > For user status I mean only the value of "Account disabled" label pasted > above. > And if that value is also saved on as ldap server attribute. > > Massi >
You can either see nsaccountlock attribute in user entry in LDAP or a return value from FreeIPA API: # ipa user-disable fbar ---------------------------- Disabled user account "fbar" ---------------------------- # ipa user-show fbar ... Account disabled: True ... Martin _______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
