we have alfresco 5.2 in our environment. we have a couple of active directory domain and which is mapped in alfresco. previously we have all the users (including disabled and active users) in the alfresco.
we have modified the person query and enabled "synchronization.allowDeletions" in ldap-ad-authentication.properties to perform a full sync with the AD.
### user account status syncronization ### synchronization.externalUserControl=true synchronization.externalUserControlSubsystemName=ad1,ad2,ad3,ad4 ldap.synchronization.userAccountStatusProperty=userAccountControl ldap.synchronization.disabledAccountPropertyValue=514
after we restarted the alfresco service, we still see that user status (enabled/disabled) is not reflected in alfresco. users which are disabled in AD is still active in alfresco.
let me know what could be the issue here. our final goal is to do a full sync with active users in alfresco. if the user is disabled, the same should be reflected in alfresco as well.
### user account status syncronization ### synchronization.externalUserControl=true synchronization.externalUserControlSubsystemName=ad2,ad4 ldap.synchronization.userAccountStatusProperty=userAccountControl ldap.synchronization.disabledAccountPropertyValue=514
after i restarted alfresco service, still i can see old users in alfresco and their user status also NOT synced. let me know is this functionality will work with alfresco with AD configuration or is there something which i'm missing.