19 Apr
2013
19 Apr
'13
8:55 a.m.
On 16/04/2013 19:49, Jignesh Patel wrote:
Does openldap has a provision like active directory to disable a user?
useraccountcontrol 544
At our site I created a new attribute 'globalLock' for every account and filter on that at the service end. For example in /etc/ldap.conf for PAM:
pam_filter (globalLock=off)
Enabled users get globalLock set to 'off'. Any other value will lock the user out.
It's simple enough to use in Apache and other applications too.
--
Liam Gretton liam.gretton@le.ac.uk
Systems Specialist http://www.le.ac.uk/its
IT Services Tel: +44 (0)116 2522254
University of Leicester, University Road
Leicestershire LE1 7RH, United Kingdom