Disabling AD Account does not disable user after LDAP Sync #344
Labels
v2
wg-portal version 2
Comments
|
Hi, can you please post some logs (trace level) and your ldap provider config (without sensitive content). Have you set the disable_missing flag to true? |
|
tested in v2.0.0-beta.3, cant see a problem |
|
How does the feature work? Should the LDAP filter be set to filter out
locked or disabled users and then should the disable missing users setting
allow the system to automatically disable users who did not show up in the
last sync?
This is what I tested but could not get working. Can you share a working
config that I can compare against?
…On Sat, Jan 18, 2025, 6:21 AM h44z ***@***.***> wrote:
tested in v2.0.0-beta.3
<https://github.com/h44z/wg-portal/releases/tag/v2.0.0-beta.3>, cant see
a problem
—
Reply to this email directly, view it on GitHub
<#344 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AD5NTEN365NG4O2HNROMOX32LI2L5AVCNFSM6AAAAABVL5XZW6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDKOJZGY3TOMRRGA>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is my sync filter:
sync_filter: (&(objectClass=organizationalPerson)(memberOf=CN=vpn_users,OU=Service Groups,OU=,DC=
,DC=local)(!userAccountControl:1.2.840.113556.1.4.803:=2)(!userAccountControl:1.2.840.113556.1.4.803:=16)(mail=*))
If I disable a user in Active Directory, the LDAP sync shows one less number of users sync'd, but the missing user is not disabled or deleted. I tried with both the latest container published in dockerhub, as well as by building the container from the latest git. Neither worked.
The text was updated successfully, but these errors were encountered: