2 issues: 1) AD users' expire-date reset in BoKS adsync 2) Problem with LDAP attribute values folded onto multiple lines
The two problems addressed in this article are:
1. Under certain circumstances, Active Directory users with account expiration date set to not expire have their expire-date reset in BoKS on every invocation of adsync.
2. The adsync script lacks support for non-base64 encoded wrapped lines in the LDIF data. I.e. LDAP attribute values folded onto multiple lines.
Resolution / Workaround
The solution is to apply hotfix HFBM-0040, available for download from the HelpSystems Community Portal. The hotfix takes care of the following:
1. Non-expiring AD accounts are set to expire on Jan 17, 2038 in BoKS.
2. adsync now supports attributes that have been folded in the LDIF input, including both plain text- and base64-encoded values as well as folded comment lines.
Still have questions? We can help. Submit a case to Technical Support.