qmail-ldap + ad

Thu, 22 Feb 2007 02:17:26 -0800 

Hi peoples,

I working to enable "accountStatus" in qmail-dap + active directory.

Then I make any changes to test, but I think that I found one problem.


In AD the filed that control user status is "userAccountControl".

When the account is enable the value is 512 when disable the value is
514.

see

Account enable:

# base <CN=Carlos Cesario,CN=Users,DC=tecnomega,DC=com,DC=br> with scope
sub
# filter: (objectclass=*)
# requesting: ALL
#

# Carlos Cesario, Users, tecnomega.com.br
dn: CN=Carlos Cesario,CN=Users,DC=tecnomega,DC=com,DC=br
......
distinguishedName: CN=Carlos Cesario,CN=Users,DC=tecnomega,DC=com,DC=br
instanceType: 4
whenCreated: 20070206142407.0Z
whenChanged: 20070206190944.0Z
displayName: Carlos Cesario
uSNCreated: 13913
uSNChanged: 16424
name: Carlos Cesario
objectGUID:: MAM/H0tcGE6/iZrQ0x1UyQ==
userAccountControl: 512
......



Account Disable

# extended LDIF
#
# LDAPv3
# base <CN=Pereira Souza,CN=Users,DC=tecnomega,DC=com,DC=br> with scope
sub
# filter: (objectclass=*)
# requesting: ALL
#

# pereira souza, Users, tecnomega.com.br
dn: CN=pereira souza,CN=Users,DC=tecnomega,DC=com,DC=br
......
distinguishedName: CN=pereira souza,CN=Users,DC=tecnomega,DC=com,DC=br
instanceType: 4
whenCreated: 20070214124917.0Z
whenChanged: 20070221202000.0Z
displayName: pereira souza
uSNCreated: 20743
uSNChanged: 28689
name: pereira souza
objectGUID:: hrPk6L4f4UWq9c4hebwGyA==
userAccountControl: 514
.......


Then I change any values in qmail-ldap.h (to test)

#define LDAP_ISACTIVE           "userAccountControl"
#define STATUS_BOUNCE           514
#define STATUS_OK               512

and in qmail-ldaplookup.c



case STATUS_BOUNCE:
               output(subfdout, "%s: %s  %i\n",
               LDAP_ISACTIVE, ISACTIVE_BOUNCE, STATUS_BOUNCE);

case STATUS_OK:
               output(subfdout, "%s: %s  %i\n",
               LDAP_ISACTIVE, ISACTIVE_ACTIVE, STATUS_OK);




and recompiled all..... but I don't give sucesss,,,,


see the results

......


the account enable.

[EMAIL PROTECTED]:/var/src/qmail-1.03# qmail-ldaplookup -u
[EMAIL PROTECTED]
Searching ldap for:
(&(objectClass=User)([EMAIL PROTECTED]))
under dn: cn=Users,dc=tecnomega,dc=com,dc=br
Found 1 entry:

dn: CN=Carlos Cesario,CN=Users,DC=tecnomega,DC=com,DC=br
-------------------------------------------------------
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
mail: [EMAIL PROTECTED]
mail: [EMAIL PROTECTED]
userAccountControl: active  512     



the account disable.

[EMAIL PROTECTED]:/var/src/qmail-1.03# qmail-ldaplookup -u
[EMAIL PROTECTED]
Searching ldap for: (&(objectClass=User)([EMAIL PROTECTED]))
under dn: cn=Users,dc=tecnomega,dc=com,dc=br
Found 1 entry:

dn: CN=pereira souza,CN=Users,DC=tecnomega,DC=com,DC=br
-------------------------------------------------------
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
mail: [EMAIL PROTECTED]
mail: [EMAIL PROTECTED]
userAccountControl: active  512



is active  too..... but the value is 514 (in ldapsearch)




somebody have any idea ?




thanks


Carlos

Reply via email to