I think i was not as explicit as i would like.

As you know, in openldap when we want to locked a user , the operational
attribute "pwdAccountLockedTIme" is create with a value inside.
This operational attribute doesn't exist for others users.

I need to check if this operational attribute exist or not. I don't find
on the www how to do this.

Thank you for your help
LMP


On 27/02/14 15:08, Plumel Louis-Marie wrote:
> Ok i understand how it works, but i don't how to test if this
> operational attribute exists or not.
>
> thanks
>
> LMP
>
>
> On 26/02/14 16:07, Clément OUDOT wrote:
>>
>>
>>
>> 2014-02-26 16:03 GMT+01:00 Plumel Louis-Marie
>> <[email protected] <mailto:[email protected]>>:
>>
>>     Thank you Clément,
>>     But i did an bad request or not as explicit as i would like.
>>
>>     I know that if i want to disable a user in openldap, i had to put
>>     a value in pwdAccountLockedTime. (But when i use an ldapbrowser i
>>     do not see this name pwdAccountLockedTime, but i know it exists.)
>>
>>
>> It is an operational attribute, like modifyTimestamp.
>>
>>  
>>
>>
>>     My question is how i can test if there is a value or not in
>>     pwdAccounLockedTime ? I'm sorry to ask such question but i'm not
>>     a specialist of LDAP.
>>     When i will know how to check this value, i want to disable or
>>     not users in AD.
>>
>>
>>
>> See the password policy draft :
>> http://tools.ietf.org/id/draft-behera-ldap-password-policy-09.txt
>>
>> 5.3.3  pwdAccountLockedTime
>>
>>    This attribute holds the time that the user's account was locked.  A
>>    locked account means that the password may no longer be used to
>>    authenticate.  A 000001010000Z value means that the account has been
>>    locked permanently, and that only a password administrator can unlock
>>    the account.
>>
>>       ( 1.3.6.1.4.1.42.2.27.8.1.17
>>       NAME 'pwdAccountLockedTime'
>>       DESC 'The time an user account was locked'
>>       EQUALITY generalizedTimeMatch
>>       ORDERING generalizedTimeOrderingMatch
>>       SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
>>       SINGLE-VALUE
>>       NO-USER-MODIFICATION
>>       USAGE directoryOperation )
>>
>>
>>
>> Clément.
>
>
>
> _______________________________________________________________
> Ldap Synchronization Connector (LSC) - http://lsc-project.org
>
> lsc-users mailing list
> [email protected]
> http://lists.lsc-project.org/listinfo/lsc-users

_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users

Reply via email to