adamwill / 389-ds-base

Forked from 389-ds-base 4 years ago
Clone
Source Code
GIT

28c129b Ticket #48001 - ns-activate.pl fails to activate account if it was disabled on AD

Authored and Committed by nhosoi 9 years ago
raw patch tree parent
1 file changed. 3 lines added. 0 lines removed.
ldap/servers/plugins/posix-winsync/posix-winsync.c
file modified
+3 -0 
    Ticket #48001 - ns-activate.pl fails to activate account if it was disabled on AD
    
    Bug Description: When Posix-WinSync plug-in receives a request to
    disable an account from AD, it checks the nsAccountLock explicitly
    as well as virtually.  If it's not found in the both checks, it does
    not set a flag to tell it is a virtual attribute, then a real
    "nsAccountLock: true" attr-value pair is added to the user entry.
    Once the real nsAccountLock attribute is added to an entry, ns-activate.pl
    as well as Console does not remove it since it's not implemented for
    the purpose.
    
    Fix Description: Since nsAccountLock is known as a virtual attribute,
    set a virtual flag by default, which prevents to add a real attribute
    value pair.
    
    https://fedorahosted.org/389/ticket/48001
    
    Reviewed by mreynolds@redhat.com (Thank you, Mark!!)
    
    (cherry picked from commit 345d2c0870d7e8b1005a13cc9cf93865ff0cb53d)
    (cherry picked from commit 33a5ade48caba8673748a4f7aee072596a8f6d53)
    (cherry picked from commit c92214546f9ac85c29a2c942b912fffdf5339910)
file modified
+3 -0
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.