On 02/28/2014 12:46 PM, Riss Nicolas wrote:
We are making some test in order to synchronize 389 Directory with an
Active Directory. We don’t install pass sync because we need only to
synchronize password from the 389 Directory instance. Everything works
well, but when we analyze the user on Active Directory that were
synchronized from the 389 Directory, we notice that the
AccountUserControl value was 544, that’s mean NORMAL ACCOUNT +
PASSWD_NOTREQD. Due to security reason it is not acceptable for us, at
least it must be 514 (only NORMAL_ACCOUNT).
We search a way to modify this behavior, but we cannot find anything.
Is there any way to force this value for new user synchronize to the
Active Directory ?
No. Please file a ticket at https://fedorahosted.org/389/newticket
OS : CentOS 6.5
389 Directory version : 389-Directory/126.96.36.199 B2013.357.177
Active Directory on Windows 2008R2
389 users mailing list