Summary

2 issues: 1) AD users' expire-date reset in BoKS adsync 2) Problem with LDAP attribute values folded onto multiple lines

Issue

The two problems addressed in this article are:

1. Under certain circumstances, Active Directory users with account expiration date set to not expire have their expire-date reset in BoKS on every invocation of adsync.
2. The adsync script lacks support for non-base64 encoded wrapped lines in the LDIF data. I.e. LDAP attribute values folded onto multiple lines.

Resolution / Workaround

The solution is to apply hotfix HFBM-0040, available for download from the HelpSystems Community Portal. The hotfix takes care of the following:

1. Non-expiring AD accounts are set to expire on Jan 17, 2038 in BoKS.
2. adsync now supports attributes that have been folded in the LDIF input, including both plain text- and base64-encoded values as well as folded comment lines.


Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: May 25, 2018