[Davical-general] Suggestion for better ActiveDirectory user sync documentation

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[Davical-general] Suggestion for better ActiveDirectory user sync documentation

Carsten Pohle
Hi,

on http://wiki.davical.org/w/Configuration/AD is an example
configuration for ActiveDirectory user authentication.

As this setup is also important for LDAP user synchronization, I would
suggest the following tweak to the example config:

If you set

        'filterUsers'     =>
'(&(objectclass=person)(objectclass=user)(!(objectClass=computer))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))',

you prevent both computer accounts and disabled users from being sync
(or used for authentication).

Maybe someone with write access to the wiki wants to publish this.

Thanks and best regards

Carsten

------------------------------------------------------------------------------
LogMeIn Central: Instant, anywhere, Remote PC access and management.
Stay in control, update software, and manage PCs from one command center
Diagnose problems and improve visibility into emerging IT issues
Automate, monitor and manage. Do more in less time with Central
http://p.sf.net/sfu/logmein12331_d2d
_______________________________________________
Davical-general mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/davical-general