Hi Sebastien, Following are the userAccountControl line of ours.we are using zero(0),what value i need to change.i too tried with one(1) and two(2) also
lsc.syncoptions.ADuser.userAccountControl.force_value = AD.userAccountControlSet( "0", [AD.UAC_SET_NORMAL_ACCOUNT, AD.UAC_UNSET_ACCOUNTDISABLE]) Regards, Manivannan On 3/20/12, Sébastien Bahloul <[email protected]> wrote: > Hi Manni, > > OK, thanks for the details. So can you look at the userAccountControl > attribute of a successfully synchronized account and give the > corresponding value ? It should not be 0 and another value may have > an impact on the fact that the account is disabled. > > Regards, > -- > Sebastien BAHLOUL > IAM / Security specialist > Ldap Synchronization Connector : http://lsc-project.org > Blog : http://sbahloul.wordpress.com/ > > > > 2012/3/20 mani vannan <[email protected]>: >> Hi Sebastian, >> >> we already using Apache Directory Studio.Even we can able to browse our >> directory. >> >> we are not getting any error while synchronizing.we are able to sync users >> from LDAP to AD but the issue is all the user account are disabled in AD >> while synchronization. >> >> Regards, >> Manivannan >> >> >> On Tue, Mar 20, 2012 at 3:16 AM, Sébastien Bahloul >> <[email protected]> wrote: >>> >>> Hi Manni, >>> >>> I suggest that you install and configure Apache Directory Studio and >>> browse your directory. >>> >>> Can you check that you are not encountering any error while synchronizing >>> ? >>> >>> I'm sorry but I've not any "ready to use" sample that is validated for >>> AD 2003. All the documentation is available on the lsc-project.org >>> website. >>> >>> Regards, >>> -- >>> Sebastien BAHLOUL >>> IAM / Security specialist >>> Ldap Synchronization Connector : http://lsc-project.org >>> Blog : http://sbahloul.wordpress.com/ >>> >>> >>> >>> 2012/3/20 mani vannan <[email protected]>: >>> > Hi Sebastien, >>> > >>> > How to find that stored value in AD? >>> > Kindly send me the lsc.properties file of yours which works. >>> > we are having the same issue which the the following thread has >>> > >>> > http://lists.lsc-project.org/pipermail/lsc-users/2011-April/000532.html >>> > >>> > Regards, >>> > Mani >>> > >>> > On 3/20/12, Sébastien Bahloul <[email protected]> wrote: >>> >> Hi Manni, >>> >> >>> >> This is the value you are trying to enforce, but is this also the >>> >> value that is really stored by your AD ? Because AD is doing lots of >>> >> hidden operations behind the LDAP interface ... >>> >> >>> >> Regards >>> >> -- >>> >> Sebastien BAHLOUL >>> >> IAM / Security specialist >>> >> Ldap Synchronization Connector : http://lsc-project.org >>> >> Blog : http://sbahloul.wordpress.com/ >>> >> >>> >> >>> >> >>> >> 2012/3/20 mani vannan <[email protected]>: >>> >>> Hi Sebastien, >>> >>> >>> >>> we are using value zero(0) for that userAccountControl >>> >>> attribute.even >>> >>> i tried with value two(2) but no solution.Will you please send me the >>> >>> lsc.properties file of yours which works fine. >>> >>> >>> >>> Regards, >>> >>> Mani >>> >>> >>> >>> On 3/20/12, Sébastien Bahloul <[email protected]> wrote: >>> >>>> Hi Mannu, >>> >>>> >>> >>>> Can you look at the value that your users have in the >>> >>>> userAccountControl attribute ? >>> >>>> >>> >>>> If you look at the various bits, you should have the bit 2 (2 or 0) >>> >>>> unset. >>> >>>> >>> >>>> Regards, >>> >>>> -- >>> >>>> Sebastien BAHLOUL >>> >>>> IAM / Security specialist >>> >>>> Ldap Synchronization Connector : http://lsc-project.org >>> >>>> Blog : http://sbahloul.wordpress.com/ >>> >>>> >>> >>>> >>> >>>> >>> >>>> 2012/3/20 mani vannan <[email protected]>: >>> >>>>> Hi Sebastien, >>> >>>>> >>> >>>>> We are able to sync users from LDAP to AD 2003.but the issue is >>> >>>>> while >>> >>>>> synchronising from LDAP to AD 2003 all the user accounts are >>> >>>>> disabled >>> >>>>> in AD.Kindly find the attachment of our lsc.properties file.Please >>> >>>>> guide me what changes i need to do for enabling disabled users in >>> >>>>> AD. >>> >>>>> >>> >>>>> Regards, >>> >>>>> Manivannan >>> >>>>> >>> >>>>> On 3/20/12, Sébastien Bahloul <[email protected]> wrote: >>> >>>>>> Hi Manni, >>> >>>>>> >>> >>>>>> It should support AD 2003 ! Can you describe exactly what issue >>> >>>>>> you >>> >>>>>> are encountering ? >>> >>>>>> >>> >>>>>> Regards, >>> >>>>>> -- >>> >>>>>> Sebastien BAHLOUL >>> >>>>>> IAM / Security specialist >>> >>>>>> Ldap Synchronization Connector : http://lsc-project.org >>> >>>>>> Blog : http://sbahloul.wordpress.com/ >>> >>>>>> >>> >>>>>> >>> >>>>>> >>> >>>>>> 2012/3/20 mani vannan <[email protected]>: >>> >>>>>>> Hi Sebastien, >>> >>>>>>> >>> >>>>>>> First of all Thanks for your quick response.Actually first we >>> >>>>>>> tried in >>> >>>>>>> AD >>> >>>>>>> 2008 it works fine.but the issue is its not working in AD >>> >>>>>>> 2003.will >>> >>>>>>> you >>> >>>>>>> please reply me whether LSC project supports AD 2003 or >>> >>>>>>> not.waiting >>> >>>>>>> for >>> >>>>>>> your >>> >>>>>>> reply. >>> >>>>>>> >>> >>>>>>> Regards, >>> >>>>>>> Manivannan. >>> >>>>>>> >>> >>>>>>> On Mon, Mar 19, 2012 at 1:03 AM, Sébastien Bahloul >>> >>>>>>> <[email protected]> wrote: >>> >>>>>>>> >>> >>>>>>>> Hi Manni, >>> >>>>>>>> >>> >>>>>>>> I suggest that you take a look at the following pages : >>> >>>>>>>> >>> >>>>>>>> >>> >>>>>>>> >>> >>>>>>>> http://lsc-project.org/wiki/documentation/2.0/configuration/syncoptions/activedirectory >>> >>>>>>>> >>> >>>>>>>> >>> >>>>>>>> http://lsc-project.org/javadoc/latest/org/lsc/utils/directory/AD.html#userAccountControlSet(int, >>> >>>>>>>> java.lang.String[]) >>> >>>>>>>> >>> >>>>>>>> If you still have any question, please ask them through this >>> >>>>>>>> list >>> >>>>>>>> :) >>> >>>>>>>> >>> >>>>>>>> Regards, >>> >>>>>>>> >>> >>>>>>>> -- >>> >>>>>>>> Sebastien BAHLOUL >>> >>>>>>>> IAM / Security specialist >>> >>>>>>>> Ldap Synchronization Connector : http://lsc-project.org >>> >>>>>>>> Blog : http://sbahloul.wordpress.com/ >>> >>>>>>>> >>> >>>>>>>> >>> >>>>>>>> >>> >>>>>>>> 2012/3/19 mani vannan <[email protected]>: >>> >>>>>>>> > I'm been able to sync users from our OpenLDAP server to our >>> >>>>>>>> > AD, >>> >>>>>>>> > but >>> >>>>>>>> > the >>> >>>>>>>> > issue is all the users are disabled while synchronizing from >>> >>>>>>>> > LDAP >>> >>>>>>>> > to >>> >>>>>>>> > AD >>> >>>>>>>> > .Kindly provide a solution for me. >>> >>>>>>>> > >>> >>>>>>>> > Regards, >>> >>>>>>>> > >>> >>>>>>>> > Manivannan >>> >>>>>>>> > >>> >>>>>>>> > >>> >>>>>>>> > _______________________________________________________________ >>> >>>>>>>> > Ldap Synchronization Connector (LSC) - http://lsc-project.org >>> >>>>>>>> > >>> >>>>>>>> > lsc-users mailing list >>> >>>>>>>> > [email protected] >>> >>>>>>>> > http://lists.lsc-project.org/listinfo/lsc-users >>> >>>>>>>> > >>> >>>>>>> >>> >>>>>>> >>> >>>>>> >>> >>>> >>> >> >> >> > _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
