Emmanuel Lecharny wrote:
What do you mean exactly ? It's an LDAP server, and the authentication
system will just look for a user which DN is given, and compare its
credential with what has been passed to the Bind Request operation (at
least for a Simple authentication).
Either the user exists and its credential are valid, and the user will
be authenticated, or one of the two previous condition are not met,
and the user won't be authenticated. There are no notion of
enabled/disabled users, or locked.
Did I misinterpretated your need ?
By checking the documentation I did not find any hint related to this
action, either. So I don't know if this feature is supported by the
Apache DS at all.
Just in addition to Emmanuel (who is right), Mike perhaps compares it to
vendor specific features, some LDAP servers provide (Active Directory,
IBM Tivoli, etc.).
You have different options to mimic such requirements with Standard LDAP
functionality in ApacheDS. The easiest I have in mind is simply deleting
the user entry. Other options depend on how you authenticate.
It is perhaps sufficient to remove the user from some group, or to
remove his/her password attribute from the user entry. I have other
things which would work in mind as well, but it depends on your exact
requirements, whether they work or not.
Greetings from Hamburg,
Stefan
