Accepted Solutions
Hi there,
I believe what you are seeing is the expected behavior (see note below);
When the LDAP user account for a Connection user is disabled or deleted, or if an LDAP directory configuration is deleted from the Connection system, the following occurs:
1.
Initially, when Connection users try to sign in to a Connection web application, LDAP authentication fails because Connection is still trying to authenticate against the LDAP directory.
If you have multiple LDAP directory configurations accessing multiple LDAP user search bases, and if only one configuration was deleted, only the users in the associated user search base are affected. Users in other user search bases are still able to sign in to Connection web applications.
2. At the first scheduled synchronization, users are marked as “LDAP inactive” in Connection.
Attempts to sign in to Connection web applications continue to fail.
3. At the next scheduled synchronization that occurs at least 24 hours after users are marked as “LDAP inactive,” all Connection users whose accounts were associated with LDAP accounts are converted to Connection standalone users.
For each Connection user, the password for Connection web applications and for IMAP email access to Connection voice messages becomes the password that was stored in the Connection database when the user account was created. (This is usually the password in the user template that was used to create the user.) Connection users do not know this password, so an administrator must reset it.
The numeric password (PIN) for the telephone user interface and the voice user interface remains unchanged.
From;
Cheers!
Rob
Hi there,
I believe what you are seeing is the expected behavior (see note below);
When the LDAP user account for a Connection user is disabled or deleted, or if an LDAP directory configuration is deleted from the Connection system, the following occurs:
1. Initially, when Connection users try to sign in to a Connection web application, LDAP authentication fails because Connection is still trying to authenticate against the LDAP directory.
If you have multiple LDAP directory configurations accessing multiple LDAP user search bases, and if only one configuration was deleted, only the users in the associated user search base are affected. Users in other user search bases are still able to sign in to Connection web applications.
2. At the first scheduled synchronization, users are marked as “LDAP inactive” in Connection.
Attempts to sign in to Connection web applications continue to fail.
3. At the next scheduled synchronization that occurs at least 24 hours after users are marked as “LDAP inactive,” all Connection users whose accounts were associated with LDAP accounts are converted to Connection standalone users.
For each Connection user, the password for Connection web applications and for IMAP email access to Connection voice messages becomes the password that was stored in the Connection database when the user account was created. (This is usually the password in the user template that was used to create the user.) Connection users do not know this password, so an administrator must reset it.
The numeric password (PIN) for the telephone user interface and the voice user interface remains unchanged.
From;
Cheers!
Rob
