> On 12 Oct 2016, at 18:08 , Clément OUDOT <[email protected]> > wrote: > > Le 12/10/2016 à 14:20, BÖSCH Christian a écrit : >> hello, >> >> we create entries for computers in openldap to feed services like dhcp, >> radius etc. >> now i would like to use lsc (i already use it for syncing users from >> openldap to AD), >> to create computer accounts in AD for the computer entires in openldap. >> >> have someone already done this? > > No, but using the computer objectClass in AD should be enough to create such > entries.
yes, but the created computer account seems always be disabled in AD.
tried to set useraccountcontrol flags like this, but they never arrive in AD…
<forceValues>
<string>
var uac = dstBean.getDatasetFirstValueById('userAccountControl');
uac =
AD.userAccountControlSet(dstBean.getDatasetFirstValueById('userAccountControl'),
[AD.UAC_SET_WORKSTATION_TRUST_ACCOUNT]);
uac = uac +
AD.userAccountControlSet(dstBean.getDatasetFirstValueById('userAccountControl'),
[AD.UAC_SET_PASSWD_NOTREQD]);
uac = uac +
AD.userAccountControlSet(dstBean.getDatasetFirstValueById('userAccountControl'),
[AD.UAC_UNSET_ACCOUNTDISABLE]);
uac;
</string>
</forceValues>
>
> --
> Clément OUDOT
> Consultant en logiciels libres, Expert infrastructure et sécurité
> Savoir-faire Linux
> 137 boulevard de Magenta - 75008 PARIS
> Blog: http://sflx.ca/coudot
>
> _______________________________________________________________
> Ldap Synchronization Connector (LSC) - http://lsc-project.org
>
> lsc-users mailing list
> [email protected]
> http://lists.lsc-project.org/listinfo/lsc-users
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
