[zmldapsync] Handle locked accounts
This commit is contained in:
parent
656f4dbfbf
commit
6767666f9c
|
@ -395,6 +395,13 @@ DOMAIN: foreach my $domain ( keys %{$conf->{domains}} ) {
|
|||
$attrs .= " zimbraAuthLdapExternalDn " . zim_attr_value( $ext_users->{$user}->{dn} );
|
||||
}
|
||||
|
||||
# Check if user is locked in Zimbra, and if so, unlock it
|
||||
# An account from LDAP should get out of the search filter to get locked
|
||||
if ($zim_users->{$user}->{zimbraAccountStatus} eq 'locked') {
|
||||
log_verbose( "User $user is " . $zim_users->{$user}->{zimbraAccountStatus} . " in Zimbra, will be set to active" );
|
||||
$attrs .= " zimbraAccountStatus active " );
|
||||
}
|
||||
|
||||
if ( $attrs ne '' ) {
|
||||
# Some attribute must change, we need to update Zimbra
|
||||
log_verbose( "User $user has changed in external LDAP, updating it" );
|
||||
|
@ -966,7 +973,7 @@ sub get_default_conf {
|
|||
start_tls => 1
|
||||
},
|
||||
users => {
|
||||
filter => '(&(objectClass=user)(mail=*))',
|
||||
filter => '(&(objectClass=user)(mail=*)(!(useraccountcontrol:1.2.840.113556.1.4.803:=2)))',
|
||||
key => 'sAMAccountName',
|
||||
mail_attr => 'mail',
|
||||
alias_attr => 'otherMailbox',
|
||||
|
|
Loading…
Reference in New Issue