Active Directory Disabled/Locked Out Users

  • Home
  • Docs
  • Active Directory Disabled/Locked Out Users
 

Userify Enterprise: How Disabled/Locked Out Users in Active Directory Are Handled

Applies to: Active Directory and LDAP

When a user account is locked out (via timestamp) or disabled (bitmask) in your Enterprise Directory, Userify flips a disabled flag in the associated Userify account. (This flag is kept in sync and automatically unset when the account is returned to normal status.)

When disabled, the user's account can still be managed in the Userify dashboard, and permissions can be granted or revoked just as when the account is fully functioning, except that those changes do not take place until the account is fixed.

Disabled and locked out user accounts:

  • Are removed from all servers including home directories, etc. (restorable)
  • The user cannot log into any servers
  • Any scripts or daemons owned by that user are terminated.

When re-enabled (un-disabled or unlocked), server user accounts and access are restored (including home directories) across all servers that the user has access to.

Get More Information

Please fill out the form below to receive more information about Userify Express and Enterprise.