on 12-06-2011 12:21 PM
Hi there,
when i start transaction LDAP, i can search for users and their attributes in Microsoft ADS. So far, transaction LDAP works but it doesn't show the attribute "accountExpires". Can anyone please help me with that problem?
Thank you
David
Meanwhile i solved the problem.
The interesting point is that we are using the global catalog in our LDAP-connector (Port 3268) and this catalog does not contain the attribute "accountExpires" in default-mode. You have to customize ms-ADS.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi David,
in my case (IDES ECC6.0, NW700.15) accountExpires is always showing (either 0 or >0)
I use a standard, non-SSL direct connection to an ADS on Win2003.
My settings are:
Base: cn=users,dc=example,dc=com
Filter: (&(objectclass=*))
Attributes:
accountExpires
objectclass
Mode:
non-hex
My communication user has full-admin rights.
Of course not all objectclasses have the accountexpires attribute (e.g. groups), so I support Matts suggestion.
Edit: By the way: this forum covers the SAP product "SAP NetWeaver Identity Management" which only partly deals with transaction LDAP; maybe you get more helpful answers if you bring up this question in a different forum.
BR
Michael
Edited by: Michael Schüßler on Dec 6, 2011 2:36 PM
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
David,
Are you going through Identity Center or VDS?
In either case, are you using a search filter? If so what is the objectclass component?
Matt
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
85 | |
10 | |
9 | |
9 | |
6 | |
6 | |
6 | |
5 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.