-
Type:
Improvement
-
Status: Open (View Workflow)
-
Priority:
Major
-
Resolution: Unresolved
-
Component/s: active-directory-plugin, core, ldap-plugin
-
Labels:None
-
Similar Issues:
In the current situation, there is no check about the accounts that are disabled, locked or expired, or having their credentials expired in active-directory.
This ticket has the goal to improve the situation by reading as much as possible from the attributes returned by the server.
Field | Original Value | New Value |
---|---|---|
Assignee | Wadeck Follonier [ wfollonier ] | Alessio Moscatello [ spinus1 ] |
Remote Link | This issue links to "#89 in active-directory (Web Link)" [ 22316 ] |
Remote Link | This issue links to "#34 in ldap (Web Link)" [ 22317 ] |
Remote Link | This issue links to "#3866 in core (Web Link)" [ 22318 ] |
Assignee | Alessio Moscatello [ spinus1 ] | Wadeck Follonier [ wfollonier ] |
Link | This issue is duplicated by SECURITY-900 [ SECURITY-900 ] |
Status | Open [ 1 ] | In Progress [ 3 ] |
Status | In Progress [ 3 ] | Open [ 1 ] |
Remote Link | This issue links to "#96 in active-directory (Web Link)" [ 23013 ] |
Remote Link | This issue links to "#89 in active-directory (Web Link)" [ 22316 ] |
The PRs in ldap and active-directory uses the Microsoft's standard for the attribute names/values. I am not sure that's sufficient to cover most of the usage.