Highlighted
Anonymous_User Absent Member.
Absent Member.
393 views

Enable/disable accounts in Active Directory


Has anyone found a way to enable or disable accounts in Active Directory
using Validator?

I have a use case where I need to test what happens when the account is
enabled and disabled in Validator. Since this is indicated in Active
Directory using bit 2 in the UserAccountControl attribute, I don't see
an easy way to change this bit without messing up the other bits.

A related use case is when creating Active Directory accounts during the
setup, they are always created in a disabled state since the account has
no password. I get this behavior even when supplying a value for
userPassword during the add object action over a secure, 636 connection.
I'd like to be able to enable the account after it is created in the
setup.


--
alkirew
------------------------------------------------------------------------
alkirew's Profile: https://forums.netiq.com/member.php?userid=9115
View this thread: https://forums.netiq.com/showthread.php?t=52878

Labels (1)
0 Likes
1 Reply
Anonymous_User Absent Member.
Absent Member.

Re: Enable/disable accounts in Active Directory

On Thu, 19 Feb 2015 19:34:01 +0000, alkirew wrote:

> Has anyone found a way to enable or disable accounts in Active Directory
> using Validator?


That's going to be difficult. You'd need to get userAccountControl, flip
bit 2, then write it back.


> I have a use case where I need to test what happens when the account is
> enabled and disabled in Validator. Since this is indicated in Active
> Directory using bit 2 in the UserAccountControl attribute, I don't see
> an easy way to change this bit without messing up the other bits.


Right.


> A related use case is when creating Active Directory accounts during the
> setup, they are always created in a disabled state since the account has
> no password. I get this behavior even when supplying a value for
> userPassword during the add object action over a secure, 636 connection.
> I'd like to be able to enable the account after it is created in the
> setup.


The domain controller should auto-magically enable the account when its
password meets the domain's password complexity requirements. It will
actively disable the account until that happens. Enabling it yourself
will not work.


--
--------------------------------------------------------------------------
David Gersic dgersic_@_niu.edu
Knowledge Partner http://forums.netiq.com

Please post questions in the forums. No support provided via email.
If you find this post helpful, please click on the star below.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.