you're right Clément.. I believe I was using the wrong destination attribute (ntUserAuthFlags)...the correct one should be ntUserFlags which gives the basic possibilities for the AD account status:
- 0x0002: Account disabled - 0x0010: Account currently locked - 0x0020: Password not required - 0x0040: User cannot change password - 0x10000: Password should never expire those values are the same as Active Directory (as far as I know). Now my problem is how to write to destination (389-ds ldap). Em seg, 11 de jun de 2018 às 10:08, Clément OUDOT <clement.ou...@worteks.com> escreveu: > > > Le 11/06/2018 à 14:33, Paulo Sergio a écrit : > > Hi guys, > > > > just trying to sync info from an AD to my 389DS. So far I can get > > pretty much all I need except by the userAccountControl and password > > policy. Would someone point me to the right direction in how to do it? > > Basically I can get the userAccountControl value but I just can't > > write to ntUserAuthFlags. The password policy I have no idea in how to > > start. > > > You must first know which syntax are expected in destination attributes. > > For example for ntUserAuthFlags: > https://docs.oracle.com/cd/E19601-01/817-3897-10/ntdomain.html > > You can't just copy values from one system to another, unless they use > the same syntax. > > > -- > Clément Oudot | Identity Solutions Manager > > clement.ou...@worteks.com > > Worteks | https://www.worteks.com > > _______________________________________________________________ > Ldap Synchronization Connector (LSC) - http://lsc-project.org > > lsc-users mailing list > lsc-users@lists.lsc-project.org > https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list lsc-users@lists.lsc-project.org https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users