Why userAccountControl:1.2.840.113556.1.4.803: attribute is checked by default on ldap search for group-mapping purpose ?y.

Reply
SECRES
L0 Member

Why userAccountControl:1.2.840.113556.1.4.803: attribute is checked by default on ldap search for group-mapping purpose ?y.

Hi,

In V6.0.2, the userAccountControl:1.2.840.113556.1.4.803: check is not optionnal and is per default active, even for non Active-directory LDAP Directories . The objective is to prevent loading of disabled users in group-mapping tables.

But this causes on our firewalls to have empty groups because this attribute is nor present is our AD/LDS Directory.

This is a change is V6 which prevent us to upgrade to V6 .

Does anybody have this problem ?

Thanks

Jacques

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!