loginDisabled#

The EDirectory loginDisabled attribute is a boolean and when this attribute is set to True, it disables the user account. This is used for explicit permanent disabling of an account. The loginDisabled attribute can only be manually set and cleared. Any other value than "True", including the lack of values, the account is enabled.

OrclIsEnabled#

The orclIsEnabled attribute is used within Oracle Internet Directory denotes that a user is currently enabled to authenticate. Valid values are ENABLED (or attribute not present in the user entry) and DISABLED. A user can successfully authenticate only if the value is "ENABLED" or the attribute is not present in the entry. Defined in the Oracle Internet Directory schema as:
attributetypes	( 2.16.840.1.113894.1.1.316 NAME 'orclIsEnabled' EQUALITY caseIgnoreMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )

Sample Policy To Work With OrclIsENabled#

Use Entirely at Your Own Risk Services.willeke.biz nor anyone else is responsible if you use a tool or any information on this site and causes damages to anyone or anything! This is only Example code
<rule name="Override Enable in OID" next-transform="Password(Pub)-Default Password Policy.Publisher.QctOid.driverset.dirxml.services">
	<policy>
		<rule>
			<description>Override enable in OID (OID attribute orclIsEnabled is opposite of Login Disabled)</description>
			<conditions>
				<and>
					<if-class-name op="equal">User</if-class-name>
					<if-op-attr name="Login Disabled" op="changing"/>
					<if-op-attr name="Login Disabled" op="not-available"/>
					<if-dest-attr name="Login Disabled" op="equal">true</if-dest-attr>
				</and>
				<and>
					<if-class-name op="equal">User</if-class-name>
					<if-op-attr name="Login Disabled" op="changing"/>
					<if-op-attr name="Login Disabled" op="not-equal">DISABLED</if-op-attr>
					<if-dest-attr name="Login Disabled" op="equal">true</if-dest-attr>
				</and>
			</conditions>
			<actions>
				<do-set-src-attr-value name="Login Disabled">
					<arg-value type="string">
						<token-text xml:space="preserve">DISABLED</token-text>
					</arg-value>
				</do-set-src-attr-value>
			</actions>
		</rule>
	</policy>
</rule>

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-8) was last changed on 07-Apr-2016 13:57 by jim