[lsc-users] Active Directory account status

Discussion:

Matjaz Premerl

2018-09-21 08:51:58 UTC

Hi,

Yesterday I've managed to create AD User based on data on Oracle table
using LSC.
Thanks again for your tips providing for now.
Now I have a challenge, how to control account status. For example in the
Oracle table I have one column STATUS with values 0 OR 1. 0 mean that
account should be enabled and 1 mean that should be disabled.
I have also noticed possibility for userAccountControl, for disable .e.g
AD.userAccountControlSet( "0", [AD.UAC_SET_ACCOUNTDISABLE])
But now I'm not sure how to handle such value, based on condition which is
possible to achieve with values on column STATUS.
Can you maybe help me with the proper approach to handle properly such AD
method.

Thanks,
MatjaÅŸ

Matjaz Premerl

2018-09-21 14:00:48 UTC

Permalink

Hi,

For now I've managed to solved my requirement like this below. Can you just
please review what I did and comment if there is something wrong in my work.
For now it's working for a couple of users.

<name>userAccountControl</name>
<policy>FORCE</policy>
<forceValues>
<string>

var uac = "512";
if (srcBean.getDatasetFirstValueById("status") ==
"Disabled") {

uac = AD.userAccountControlSet("514",
[AD.UAC_SET_ACCOUNTDISABLE]);
print("Izpis1: " + uac);
} else {

uac = AD.userAccountControlSet("512",
[AD.UAC_UNSET_ACCOUNTDISABLE]);
print("Izpis2: " + uac);
}
uac;
</string>
</forceValues>

Regards,
MatjaÅŸ

V V pet., 21. sep. 2018 ob 10:51 je oseba Matjaz Premerl <

Post by Matjaz Premerl
Hi,
Yesterday I've managed to create AD User based on data on Oracle table
using LSC.
Thanks again for your tips providing for now.
Now I have a challenge, how to control account status. For example in the
Oracle table I have one column STATUS with values 0 OR 1. 0 mean that
account should be enabled and 1 mean that should be disabled.
I have also noticed possibility for userAccountControl, for disable .e.g
AD.userAccountControlSet( "0", [AD.UAC_SET_ACCOUNTDISABLE])
But now I'm not sure how to handle such value, based on condition which is
possible to achieve with values on column STATUS.
Can you maybe help me with the proper approach to handle properly such AD
method.
Thanks,
MatjaÅŸ

Clément OUDOT

2018-09-21 17:24:34 UTC

Permalink

Post by Matjaz Premerl
Hi,
For now I've managed to solved my requirement like this below. Can you
just please review what I did and comment if there is something wrong
in my work.
For now it's working for a couple of users.
<name>userAccountControl</name>
            <policy>FORCE</policy>
            <forceValues>
                <string>
                  
                  var uac = "512";
                  if (srcBean.getDatasetFirstValueById("status") ==
"Disabled") {
                    
                        uac = AD.userAccountControlSet("514",
[AD.UAC_SET_ACCOUNTDISABLE]);
                        print("Izpis1: " + uac);
                  } else {
                    
                    uac = AD.userAccountControlSet("512",
[AD.UAC_UNSET_ACCOUNTDISABLE]);
                    print("Izpis2: " + uac);
                  }
                  uac;
                </string>
            </forceValues>

Sounds good to me, of course by removing your test code and using the
code you put in comment.

For information here is the javadoc for AD class:
https://lsc-project.org/javadoc/2.1-SNAPSHOT/org/lsc/utils/directory/AD.html
--
Clément Oudot | Identity Solutions Manager

***@worteks.com

Worteks | https://www.worteks.com

_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
lsc-***@lists.lsc-project.org
https://lists.lsc-projec