Beefy Boxes and Bandwidth Generously Provided by pair Networks
No such thing as a small change

Disable an AD Account via LDAP

by fritz1968 (Sexton)
on Oct 08, 2012 at 14:45 UTC ( #997828=perlquestion: print w/replies, xml ) Need Help??
fritz1968 has asked for the wisdom of the Perl Monks concerning the following question:


I am looking for some sample code that will allow me to disable (and enable) a Active Directory user account. I have not been able to find anything (in Perl) that is helpful.

Any help/suggestions/links/etc... would be much appreciated.

thanks, Frank

Replies are listed 'Best First'.
Re: Disable an AD Account via LDAP
by NetWallah (Abbot) on Oct 08, 2012 at 15:34 UTC
    The LDAP attribute you need to use is:
    I do not have actual code to SET/RESET that, but you can start with: this StackOverflow article.

                 I hope life isn't a big joke, because I don't get it.

Re: Disable an AD Account via LDAP
by netsecgeek (Initiate) on Apr 12, 2013 at 19:44 UTC
    Per, the UAC code for a Normal_Account is 512. Make it 514 to disable the account.
    my $ldap = Net::LDAP->new($host) or die "$@"; my $bind = $ldap->bind($bind_dn, password => $bind_pw); my $result = $ldap->modify($user_dn, replace => { userAccountControl = +> '512' }); $ldap->unbind();

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://997828]
Approved by Corion
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others examining the Monastery: (4)
As of 2016-10-23 00:11 GMT
Find Nodes?
    Voting Booth?
    How many different varieties (color, size, etc) of socks do you have in your sock drawer?

    Results (299 votes). Check out past polls.