LDAP (AD) Sync and PINs?

I have set up LDAP sync and a daily cron task to sync the users. I have been using this for a while and PINs are not required.

I just checked the configuration file and I think it is set to request the LDAP Password & a prefix PIN by default:

default_request_ldap_pwd=1
default_request_prefix_pin=1

However none of the users have this set in their configuration files:

request_ldap_pwd=1
request_prefix_pin=0

This is a fairly vanilla setup, built from the 5.0.4.7 .OVA file and upgraded to the latest 5.8.1.1 release. Just wondering why my users don't have PINs?

Andy

Comments

  • Hello Andy,
    Did you set up the default_request_prefix_pin=1 before syncing the first time?
    The default_request_prefix_pin value is applied during the creation of the user only, but it will not change the option for the account if the account is already created.
    Regards,
  • edited March 2021
    Hi, I rebuilt this host the other day so didn't change any defaults other than adding the LDAP details. All the users were recreated from new (it's all in a test environment). I think my issue is because both default_request_ldap_pwd=1 and default_request_prefix_pin=1 are set. If I change default_request_ldap_pwd=0, delete a user and resync, then the configuration of the re-added user I deleted contains request_prefix_pin=1. I think it's some logic issue...
  • Hello,
    On the user side, you cannot have as a prefix a [PREFIX PIN] AND an [LDAP PASSWORD]. If you set request_ldap_pwd=1, the prefix will be the LDAP password, and the built-in [PREFIX PIN] will not be used.
    Regards,
This discussion has been closed.
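
The precedence described in the last reply can be checked across all synced accounts. The following is an added example, not part of the thread and not the product's own code: it assumes each user's settings are available as plain key=value lines like those quoted above, and the function names and sample users are hypothetical.

```python
# Added example: report which prefix each user is actually asked for.
# Assumption: settings are plain key=value lines, as quoted in the thread.

def parse_settings(text):
    """Parse key=value lines into a dict; lines without '=' are skipped."""
    settings = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and key:
            settings[key.strip()] = value.strip()
    return settings

def effective_prefix(user):
    """Precedence stated in the thread: the LDAP password wins over the prefix PIN."""
    if user.get("request_ldap_pwd") == "1":
        return "ldap_password"
    if user.get("request_prefix_pin") == "1":
        return "prefix_pin"
    return "none"

def audit(defaults_text, users):
    """Return a sorted list of (username, effective prefix, notes)."""
    defaults = parse_settings(defaults_text)
    report = []
    for name, text in sorted(users.items()):
        user = parse_settings(text)
        notes = []
        if user.get("request_ldap_pwd") == "1" and user.get("request_prefix_pin") == "1":
            notes.append("prefix PIN set but unused: LDAP password is the prefix")
        for key in ("request_ldap_pwd", "request_prefix_pin"):
            default = defaults.get("default_" + key)
            if default is not None and key in user and user[key] != default:
                notes.append(f"{key}={user[key]} differs from default_{key}={default}")
        if effective_prefix(user) == "none":
            notes.append("no prefix requested")
        report.append((name, effective_prefix(user), notes))
    return report

# Constructed sample data (not from a real system).
DEFAULTS = "default_request_ldap_pwd=1\ndefault_request_prefix_pin=1\n"
USERS = {
    "andy": "request_ldap_pwd=1\nrequest_prefix_pin=0\n",
    "bob": "request_ldap_pwd=0\nrequest_prefix_pin=1\n",
    "carol": "request_ldap_pwd=0\nrequest_prefix_pin=0\n",
    "dave": "request_ldap_pwd=1\nrequest_prefix_pin=1\n",
}

if __name__ == "__main__":
    for name, prefix, notes in audit(DEFAULTS, USERS):
        print(f"{name}: {prefix}" + "".join(f"\n  - {n}" for n in notes))
```

Because the defaults are applied only when an account is created, a report like this shows existing accounts whose per-user values no longer match the configured defaults.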