[Samba] Account locked and delayed user data propagation...

Marco Gaiarin gaio at sv.lnf.it
Mon Nov 18 11:57:09 UTC 2019


Mandi! Rowland penny via samba
  In chel di` si favelave...

> yes, Provided you use the right attribute to search on ;-)

Ah! ;-)


Just i'm here, i test three condition in account flags, eg:

	UAC=$(ldbsearch ${LDB_OPTS} -b "${BASEDN}" "(&(objectClass=user)(sAMAccountName=$1))" userAccountControl | grep "^userAccountControl: " | cut -d ' ' -f 2-)

	# Old 'D' flag:
	((($UAC & 2) == 2)) && enabled="false"          # 0x00000002

	# Old 'X' flag:
	((($UAC & 65536) == 65536)) && expire="true"    # 0x00010000

	# Old 'L' glag:
	((($UAC & 16) == 16)) && locked="true"          # 0x00000010

Apart for 'locked', there are better ldap fields also for disabled and
'don't expire' flags?


Thanks.

-- 
dott. Marco Gaiarin				        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''          http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

		Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
      http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)



More information about the samba mailing list