Hi,
We notice that when a user is synchronized from 389 Directory to Active Directory the AccountUserControl value was 544 (mean NORMAL ACCOUNT + PASSWD_NOTREQD http://support.microsoft.com/kb/305144/en-us).
This isn't secure (allow user to set empty password). Letting the administrator set a default value for this attribute in synchronization parameters would be nice.
Thanks.
Need to investigate: does AD have default flag configuration for new users added via LDAP?
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1206309
git patch file (master) 0001-Ticket-47723-winsync-sets-AccountUserControl-in-AD-t.patch
Reviewed by Rich (Thank you!!)
Pushed to master: fd81643..d85ef49 master -> master commit d85ef49
Metadata Update from @nhosoi: - Issue assigned to nhosoi - Issue set to the milestone: 1.3.4 backlog
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/1057
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: Fixed)
Login to comment on this ticket.