diff options
author | Sumit Bose <sbose@redhat.com> | 2010-12-21 13:30:33 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-01-19 09:53:20 -0500 |
commit | 22f4c1b86dcf5589e63f2ae043dc65a8f72f6f18 (patch) | |
tree | fb69e82eea580199f7919ecf02a83b3339b8dbcc /src/providers/ldap/ldap_common.c | |
parent | 5352c9b3609bca63814f9f6f03dbbbadf6c6333a (diff) | |
download | sssd-22f4c1b86dcf5589e63f2ae043dc65a8f72f6f18.tar.gz sssd-22f4c1b86dcf5589e63f2ae043dc65a8f72f6f18.tar.bz2 sssd-22f4c1b86dcf5589e63f2ae043dc65a8f72f6f18.zip |
Add LDAP expire policy based on AD attributes
The second bit of userAccountControl is used to determine if the account
is enabled or disabled. accountExpires is checked to see if the account
is expired.
Diffstat (limited to 'src/providers/ldap/ldap_common.c')
-rw-r--r-- | src/providers/ldap/ldap_common.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index 6daf2c9f..e98e718b 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -121,7 +121,9 @@ struct sdap_attr_map rfc2307_user_map[] = { { "ldap_user_krb_last_pwd_change", "krbLastPwdChange", SYSDB_KRBPW_LASTCHANGE, NULL }, { "ldap_user_krb_password_expiration", "krbPasswordExpiration", SYSDB_KRBPW_EXPIRATION, NULL }, { "ldap_pwd_attribute", "pwdAttribute", SYSDB_PWD_ATTRIBUTE, NULL }, - { "ldap_user_authorized_service", "authorizedService", SYSDB_AUTHORIZED_SERVICE, NULL } + { "ldap_user_authorized_service", "authorizedService", SYSDB_AUTHORIZED_SERVICE, NULL }, + { "ldap_user_ad_account_expires", "accountExpires", SYSDB_AD_ACCOUNT_EXPIRES, NULL}, + { "ldap_user_ad_user_account_control", "userAccountControl", SYSDB_AD_USER_ACCOUNT_CONTROL, NULL} }; struct sdap_attr_map rfc2307_group_map[] = { @@ -161,7 +163,9 @@ struct sdap_attr_map rfc2307bis_user_map[] = { { "ldap_user_krb_last_pwd_change", "krbLastPwdChange", SYSDB_KRBPW_LASTCHANGE, NULL }, { "ldap_user_krb_password_expiration", "krbPasswordExpiration", SYSDB_KRBPW_EXPIRATION, NULL }, { "ldap_pwd_attribute", "pwdAttribute", SYSDB_PWD_ATTRIBUTE, NULL }, - { "ldap_user_authorized_service", "authorizedService", SYSDB_AUTHORIZED_SERVICE, NULL } + { "ldap_user_authorized_service", "authorizedService", SYSDB_AUTHORIZED_SERVICE, NULL }, + { "ldap_user_ad_account_expires", "accountExpires", SYSDB_AD_ACCOUNT_EXPIRES, NULL}, + { "ldap_user_ad_user_account_control", "userAccountControl", SYSDB_AD_USER_ACCOUNT_CONTROL, NULL} }; struct sdap_attr_map rfc2307bis_group_map[] = { |