Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Disable accounts created by LDAP sync

mpeters
Champ in-the-making
Champ in-the-making

‎02-26-2013 04:32 AM

Hi there,

how can I disable (as an admin) certain user accounts, which where previously created by the regular LDAP sync?

When editing this sort of user account the <strong>Disable account</strong> setting is disabled (grayed) and can't be changed (in former versions this setting was not disabled/grayed but any change did't took effort).

Kind regards
Markus
Labels:
0 Kudos
7 REPLIES 7

ofnavarro
Champ in-the-making
Champ in-the-making

‎10-08-2014 03:03 PM

Hi,

did you found the solution to this issue? At this moment i have the same problem and i´m going crazy with the property "isMutable" that appears to block the user disable action.

Thanks in advance.
0 Kudos

mlagneaux
Champ on-the-rise
Champ on-the-rise

‎10-13-2014 03:38 AM

Hi,

User accounts that come from LDAP or AD sync are not mutable. An account will be disabled by Alfresco if it is deleted from LDAP or AD and if synchronization.allowDeletions parameter is set to false.

I think you can disable accounts coming from LDAP or AD with a javascript script. But I don't know if synchronization will reenable them.

0 Kudos

ofnavarro
Champ in-the-making
Champ in-the-making

‎10-13-2014 06:50 AM

Hi and thanks for your answer,

Disable user accounts with the alfresco/service/api/people is what we are trying to do but, with the user accounts created by LDAP synchronization, is impossible. It always gives a "Not found user" exception. The same function with de enable option does not give this error and it gives a 200 code.

We have also tried with the alfresco/service/slingshot/profile/userprofile function and it changes the node properties correctly but there must be a superior authority that manage this immutable properties.

If only we knew how to delete this mark to these user accounts,  we could manage this account like they have never been sync.

Have you any idea to do this?

Merci beaucoup.
0 Kudos

mlagneaux
Champ on-the-rise
Champ on-the-rise

‎10-20-2014 08:58 AM

I think you can directly use the NodeService instead of classic APIs that manage user accounts.
To disable a user coming from LDAP or AD, you can add personDisabled aspect to the related "cmSmiley Tongueerson" node. This node is located in workspace://SpacesStore store in system/people.
Don't what LDAP synchronization is going to do on a user account with this aspect.
0 Kudos

hgindl
Champ in-the-making
Champ in-the-making

‎10-22-2014 04:01 AM

you could also make a application group in your ldap for alfresco and sync only users from this special group
0 Kudos

alahwany
Champ in-the-making
Champ in-the-making
In response to hgindl

‎09-24-2015 12:55 AM

Can you please tell me how to make this ? becasue i have some users only need to log on the alfresco ?

0 Kudos

luiseterc
Champ in-the-making
Champ in-the-making

‎10-23-2014 06:32 AM

Hi, I'm just now facing the same problem. We are shutting down our AD server and want all the sync'ed accounts to become local account. All of them are now disabled and cannot change that property.

I tried thru both a JS script and RESTful API and it throws a "user not found" exception.

Anyone found a solution?
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC