Announcement Announcement Module
No announcement yet.
LDAP users are missing userAccountControl attribute. Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • LDAP users are missing userAccountControl attribute.

    Hello everyone,

    I am writing a script that retrieves some LDAP users, and writes them to a text-file. In this script, i used a filter to retrieve only the users which have the 'PasswordNeverExpires' attribute. I've learned that this attribute, along with others, is stored in the 'userAccountControl' attribute.

    When i checked our LDAP users in an LDAP browser, i noticed that 80% of our users don't have a userAccountControl attribute, thus also no 'PasswordNeverExpires' ?! Then i checked some users in Server Manager, and they all do have the PasswordNeverExpires property enabeled, so no problem there. Does anybody know how this is possible?

    I also noticed that all our users who do have a 'userAccountControl' attribute, are in an administrator group. Could this have something to do with that? Our LDAP runs on a Windows 2008 server.

    Many thanks in advance,

  • #2
    I am not sure this is the correct forum for your question, this forum is for Spring LDAP API