search

ahaenggli / AzureAD-LDAP-wrapper

LDAP-Wrapper for 'microsoft 365' work or school accounts/users (former 'office 365' - via Entra ID, former AzureAD without AADDS)
https://ahaenggli.github.io/AzureAD-LDAP-wrapper/
MIT License
119 stars 28 forks source link

reset password for disabled users #63

Closed yufukui-m closed 1 year ago

yufukui-m commented 1 year ago

reset password if an account disabled. after re-enabling a user, new bind request is required.

Screenshot 2023-07-24 at 14 15 36
ahaenggli commented 1 year ago

Do you have a little more information for me on why this modification is needed? If a user is disabled, the login should already fail.

yufukui-m commented 1 year ago

yes, a new bind request always fail for a disabled user. but once after login succeed, cached passwords are always valid and not synced. this pull-request changes behavior after the first login, invalidate password of disabled users when syncing users with azure ad.

ahaenggli commented 1 year ago

Oh, I see. This way no unnecessary password ends up in the cache. That's fine for me :)