Hi, I think that the answer is here : You need to provide a password for the account, else account is automatically disabled.
LDAPS is required on AD to update the password. Regards, LMP On 01/05/14 23:15, Deividas haspo wrote: > Hi, > I'm trying to create openldap2ad synchronization. Everything works > fine, but there is one simple thing and I can't figure out whats wrong. > I need that after sync all accounts would be normal (not disabled), > password never expires, user can't change password and uncheck field > in AD "User must change password at next login". > > I've tried many things, but nothing. Now I got this: > > <dataset> > <name>userAccountControl</name> > <policy>KEEP</policy> > <forceValues> > <string>AD.userAccountControlSet( "0", > [AD.UAC_SET_NORMAL_ACCOUNT, AD.UAC_SET_DONT_EXPIRE_PASSWORD]); > AD.userAccountControlSet( "1", > AD.UAC_SET_PASSWD_CANT_CHANGE]) > </string> > </forceValues> > </dataset> > > p.s I tried to set all to "0". > > Thanks. > > > _______________________________________________________________ > Ldap Synchronization Connector (LSC) - http://lsc-project.org > > lsc-users mailing list > [email protected] > http://lists.lsc-project.org/listinfo/lsc-users
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
