Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-4324

Crowd unable to retrieve "Account Disabled" flag for delegated directories

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Answered
    • Icon: Low Low
    • None
    • 2.7, 2.7.1, 2.7.2, 2.8
    • Directory - LDAP

      Bug Description

      As describe in this improvement request, Crowd has the ability to retrieve "Account Disabled" since version 2.7.0. This however only work for CONNECTOR method of integration with Active Directory.

      DELEGATED method will not work because Crowd will only retrieve the user information from AD server after a successful authentication. However, it is not possible for a disabled users to authenticate hence its status won't be brought over to Crowd and this user will still be counted as licensed user.

      How to replicate

      1. Create a new test user in AD
      2. Create both "Connector" and "Delegated" directories to the AD
      3. Synchronise the "Connector" directory and login using the user from "Delegated" directory
      4. Both directories will specified the user as "Active"
      5. Disabled the user in AD
      6. Synchronise the "Connector" directory and login using the user from "Delegated" directory

      Expected behaviour

      User registered under the "Connector" and "Delegated" directory will be registered as "Disabled"

      Result

      Only user registered under "Connector" directory registered as "Disabled" and the user from "Delegated" directory won't be able to login and still registered as active.

            Unassigned Unassigned
            scahyadiputra Septa Cahyadiputra (Inactive)
            Votes:
            4 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: