[Aleksandr Shchebatenko]

Hello!

I’ve set up Otobo 11 with an LDAP (Active Directory) connection for user synchronization. The users are successfully synced but cannot log into the system. Here’s what’s happening:

1. The users are added to the system via LDAP and appear under the Benutzerkunden section.
2. However, all synchronized users have the Gültigkeit (validity) status as “-“, which seems to prevent them from logging in.

3. LDAP search works correctly, and users from the required groups are synced without any issues.
4. I’ve tried adjusting the attribute mapping and checking the configurations, but the user activity status remains invalid.

Note: I am not entirely sure if the login issue is directly related to this. If anyone has insight into why login issues might arise after setting up LDAP, please let me know.

### Questions:
– What could be causing the Gültigkeit status of LDAP-synced users to remain as “-“?
– How can I configure Otobo so that the activity status (Gültigkeit) of synchronized users is valid, allowing them to log in?
– Is there a way to automatically assign an active status to accounts after synchronization with LDAP?

### Additional Information on Attempts to Solve the Issue:
1. Attribute Mapping Check: I’ve tried using various attributes for mapping in Config.pm, such as sAMAccountName, userPrincipalName, and userAccountControl. We also attempted to map the Gültigkeit field to show the user activity status, but the status still shows “-“.

2. Dynamic Field Setup: I created a dynamic field for manually editing the Gültigkeit status in the Otobo interface. However, the field either doesn’t appear or remains unavailable for editing.

3. Changing Status Display Logic: I tried modifying the display logic for the userAccountControl attribute so that a value of 512 would display as “gültig” (valid) and 514 as “ungültig” (invalid). However, users still cannot log in.

[Autor]

Beiträge