LDAP OU Definition for Inactive/disabled users
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-13-2024 06:01 AM
Hello all,
We are trying to create new LDAP OU Definition for inactive/disabled users. For this, while creating a new OU, we need to provide filter condition for to retrieve disabled users from AD. What type of filter we need to provide there in filter condition so that we can get disabled users information and accounts in ldap_import table.
Please let us know your thoughts on this and thanks in advance.
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-13-2024 04:15 PM
Hi, this would be a question best answered by your LDAP administration team as they should have specific details of your orgs LDAP configuration. But if you have an OU specifically for inactive users, then a query to the OU with no userAccessControl filter should return all of the inactive users IE all of the records in the OU.
These threads might also help clarify requirements.
Solved: useraccountcontrol LDAP - ServiceNow Community
UserAccountControl property flags - Windows Server | Microsoft Learn