You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Also two extra scenarios where UserAccountControl attribute is not enough:
AD Account expiration date should be read separately from accountExpires attribute
AD Account lockout info is stored in lockoutTime
And then there's also pwdLastSet mess because password expiration is read from domain root object's pwdMaxAge attribute, but one should take account the neverExpires bit in UserAccountControl. Though I guess Certidude should not care about the password...
Currently OCSP responder returns ok regardless of user account status in AD. Certidude should have config to handle this
The text was updated successfully, but these errors were encountered: