Hi Manni, OK, thanks for the details. So can you look at the userAccountControl attribute of a successfully synchronized account and give the corresponding value ? It should not be 0 and another value may have an impact on the fact that the account is disabled.
Regards, -- Sebastien BAHLOUL IAM / Security specialist Ldap Synchronization Connector : http://lsc-project.org Blog : http://sbahloul.wordpress.com/ 2012/3/20 mani vannan <[email protected]>: > Hi Sebastian, > > we already using Apache Directory Studio.Even we can able to browse our > directory. > > we are not getting any error while synchronizing.we are able to sync users > from LDAP to AD but the issue is all the user account are disabled in AD > while synchronization. > > Regards, > Manivannan > > > On Tue, Mar 20, 2012 at 3:16 AM, Sébastien Bahloul > <[email protected]> wrote: >> >> Hi Manni, >> >> I suggest that you install and configure Apache Directory Studio and >> browse your directory. >> >> Can you check that you are not encountering any error while synchronizing >> ? >> >> I'm sorry but I've not any "ready to use" sample that is validated for >> AD 2003. All the documentation is available on the lsc-project.org >> website. >> >> Regards, >> -- >> Sebastien BAHLOUL >> IAM / Security specialist >> Ldap Synchronization Connector : http://lsc-project.org >> Blog : http://sbahloul.wordpress.com/ >> >> >> >> 2012/3/20 mani vannan <[email protected]>: >> > Hi Sebastien, >> > >> > How to find that stored value in AD? >> > Kindly send me the lsc.properties file of yours which works. >> > we are having the same issue which the the following thread has >> > >> > http://lists.lsc-project.org/pipermail/lsc-users/2011-April/000532.html >> > >> > Regards, >> > Mani >> > >> > On 3/20/12, Sébastien Bahloul <[email protected]> wrote: >> >> Hi Manni, >> >> >> >> This is the value you are trying to enforce, but is this also the >> >> value that is really stored by your AD ? Because AD is doing lots of >> >> hidden operations behind the LDAP interface ... >> >> >> >> Regards >> >> -- >> >> Sebastien BAHLOUL >> >> IAM / Security specialist >> >> Ldap Synchronization Connector : http://lsc-project.org >> >> Blog : http://sbahloul.wordpress.com/ >> >> >> >> >> >> >> >> 2012/3/20 mani vannan <[email protected]>: >> >>> Hi Sebastien, >> >>> >> >>> we are using value zero(0) for that userAccountControl attribute.even >> >>> i tried with value two(2) but no solution.Will you please send me the >> >>> lsc.properties file of yours which works fine. >> >>> >> >>> Regards, >> >>> Mani >> >>> >> >>> On 3/20/12, Sébastien Bahloul <[email protected]> wrote: >> >>>> Hi Mannu, >> >>>> >> >>>> Can you look at the value that your users have in the >> >>>> userAccountControl attribute ? >> >>>> >> >>>> If you look at the various bits, you should have the bit 2 (2 or 0) >> >>>> unset. >> >>>> >> >>>> Regards, >> >>>> -- >> >>>> Sebastien BAHLOUL >> >>>> IAM / Security specialist >> >>>> Ldap Synchronization Connector : http://lsc-project.org >> >>>> Blog : http://sbahloul.wordpress.com/ >> >>>> >> >>>> >> >>>> >> >>>> 2012/3/20 mani vannan <[email protected]>: >> >>>>> Hi Sebastien, >> >>>>> >> >>>>> We are able to sync users from LDAP to AD 2003.but the issue is >> >>>>> while >> >>>>> synchronising from LDAP to AD 2003 all the user accounts are >> >>>>> disabled >> >>>>> in AD.Kindly find the attachment of our lsc.properties file.Please >> >>>>> guide me what changes i need to do for enabling disabled users in >> >>>>> AD. >> >>>>> >> >>>>> Regards, >> >>>>> Manivannan >> >>>>> >> >>>>> On 3/20/12, Sébastien Bahloul <[email protected]> wrote: >> >>>>>> Hi Manni, >> >>>>>> >> >>>>>> It should support AD 2003 ! Can you describe exactly what issue you >> >>>>>> are encountering ? >> >>>>>> >> >>>>>> Regards, >> >>>>>> -- >> >>>>>> Sebastien BAHLOUL >> >>>>>> IAM / Security specialist >> >>>>>> Ldap Synchronization Connector : http://lsc-project.org >> >>>>>> Blog : http://sbahloul.wordpress.com/ >> >>>>>> >> >>>>>> >> >>>>>> >> >>>>>> 2012/3/20 mani vannan <[email protected]>: >> >>>>>>> Hi Sebastien, >> >>>>>>> >> >>>>>>> First of all Thanks for your quick response.Actually first we >> >>>>>>> tried in >> >>>>>>> AD >> >>>>>>> 2008 it works fine.but the issue is its not working in AD >> >>>>>>> 2003.will >> >>>>>>> you >> >>>>>>> please reply me whether LSC project supports AD 2003 or >> >>>>>>> not.waiting >> >>>>>>> for >> >>>>>>> your >> >>>>>>> reply. >> >>>>>>> >> >>>>>>> Regards, >> >>>>>>> Manivannan. >> >>>>>>> >> >>>>>>> On Mon, Mar 19, 2012 at 1:03 AM, Sébastien Bahloul >> >>>>>>> <[email protected]> wrote: >> >>>>>>>> >> >>>>>>>> Hi Manni, >> >>>>>>>> >> >>>>>>>> I suggest that you take a look at the following pages : >> >>>>>>>> >> >>>>>>>> >> >>>>>>>> >> >>>>>>>> http://lsc-project.org/wiki/documentation/2.0/configuration/syncoptions/activedirectory >> >>>>>>>> >> >>>>>>>> >> >>>>>>>> http://lsc-project.org/javadoc/latest/org/lsc/utils/directory/AD.html#userAccountControlSet(int, >> >>>>>>>> java.lang.String[]) >> >>>>>>>> >> >>>>>>>> If you still have any question, please ask them through this list >> >>>>>>>> :) >> >>>>>>>> >> >>>>>>>> Regards, >> >>>>>>>> >> >>>>>>>> -- >> >>>>>>>> Sebastien BAHLOUL >> >>>>>>>> IAM / Security specialist >> >>>>>>>> Ldap Synchronization Connector : http://lsc-project.org >> >>>>>>>> Blog : http://sbahloul.wordpress.com/ >> >>>>>>>> >> >>>>>>>> >> >>>>>>>> >> >>>>>>>> 2012/3/19 mani vannan <[email protected]>: >> >>>>>>>> > I'm been able to sync users from our OpenLDAP server to our AD, >> >>>>>>>> > but >> >>>>>>>> > the >> >>>>>>>> > issue is all the users are disabled while synchronizing from >> >>>>>>>> > LDAP >> >>>>>>>> > to >> >>>>>>>> > AD >> >>>>>>>> > .Kindly provide a solution for me. >> >>>>>>>> > >> >>>>>>>> > Regards, >> >>>>>>>> > >> >>>>>>>> > Manivannan >> >>>>>>>> > >> >>>>>>>> > >> >>>>>>>> > _______________________________________________________________ >> >>>>>>>> > Ldap Synchronization Connector (LSC) - http://lsc-project.org >> >>>>>>>> > >> >>>>>>>> > lsc-users mailing list >> >>>>>>>> > [email protected] >> >>>>>>>> > http://lists.lsc-project.org/listinfo/lsc-users >> >>>>>>>> > >> >>>>>>> >> >>>>>>> >> >>>>>> >> >>>> >> >> > > _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
