AnsweredAssumed Answered

How to disable users via LDAP sync setup.

Question asked by geroms on Jan 26, 2017
Latest reply on May 4, 2017 by mpinon

We are using Heat 2016.1.1 and we have begun using LDAP sync to pull in our employees from AD.  We have set the option within the LDAP sync setup to “Disable HEAT users who have been disabled AD”.  The LDAP field that we have set in this section is “useraccountcontrol”.  This setting asks for a “Value” to determine whether or not the user is disabled in AD.  The value that we see in AD when an account is disabled is a hex number (0x202).  If I’m doing my conversion correctly, this hex number converts to 514 in decimal.  My question is, what number should use in the LDAP settings?  Is it looking for the decimal equivalent of 0x202 or is it looking for the actual hex number that we see in AD?