dani
/
zimbra
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

[zmldapsync] Handle locked accounts

This commit is contained in:
Daniel Berteaud 2022-01-16 22:01:33 +01:00
parent 656f4dbfbf
commit 21f86fd4e6
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
zmldapsync/zmldapsync.pl
View File

@ -395,6 +395,13 @@ DOMAIN: foreach my $domain ( keys %{$conf->{domains}} ) {
$attrs .= " zimbraAuthLdapExternalDn " . zim_attr_value( $ext_users->{$user}->{dn} );
}
# Check if user is locked in Zimbra, and if so, unlock it
# An account from LDAP should get out of the search filter to get locked
if ( $zim_users->{$user}->{zimbraAccountStatus} eq 'locked' ) {
log_verbose( "User $user is " . $zim_users->{$user}->{zimbraAccountStatus} . " in Zimbra, will be set to active" );
$attrs .= " zimbraAccountStatus active ";
}
if ( $attrs ne '' ) {
# Some attribute must change, we need to update Zimbra
log_verbose( "User $user has changed in external LDAP, updating it" );
@ -966,7 +973,7 @@ sub get_default_conf {
start_tls => 1
},
users => {
filter => '(&(objectClass=user)(mail=*))',
filter => '(&(objectClass=user)(mail=*)(!(useraccountcontrol:1.2.840.113556.1.4.803:=2)))',
key => 'sAMAccountName',
mail_attr => 'mail',
alias_attr => 'otherMailbox',