To Enable or Disable a User Account in Active Directory you need to set the
ACCOUNTDISABLE Flag in the UserAccountControl attribute.
We have built this into the DS-UAC-Disabled column so that Data Sync handles all the complexity for you and all you need to do it return a Boolean value as to whether the account is enabled or disabled.
Returning True will disable the account and returning False will enable the user account.
The video below shows the process you need to follow to enable or disable Active Directory user accounts using Data Synchronisation Studio by updating the user account control attribute.
To get started you need to connect to your source data which contains a boolean column stating if the user account should be disabled or enabled.
True will disable the account and returning
False will enable the user account.
Your data might look similar to:
Then you need to connect to your Active Directory as your target. Full details on how to connect to Active directory can be seen here.
You now need to add your enabled/disabled column to the schema map and map this to the DS-UAC-Disabled column in the target.
To run the compare to view the changes click the
Compare A > B button in the toolbar. You can now view the changes that will be applied to ensure that they are correct. Click onto the blue diamond to view any update actions or the green plus for any additions. Deletes are disabled by default but will still show in the comparison results.
If you want to run a test on one account rather than the whole dataset then deselect the check-boxes using the clear all button and then check the check-box against the record/s you want to add.
Once you are happy with the changes click the Synchronise button to start the sync.
You can now either go into active directory and check that the updated accounts have the right status or you can preview the target data set and look at the disabled column values. Your Active Directory user accounts should now be disabled or enabled based upon your data.