Hey,
The version we are using is DSEE 11
We have a service account, which supposed not to be lockedout and expired. However, in the ldap log, we do find the lockout.
Check the schema for that account, and find 3 special objectclasses along with their attributes
ObjectClass:
objectclass: napPassportUser
objectclass: ctscUserAuxClass
objectclass: napUserChallengeResponse
Attrributes:
ctscaccountenddate: 33331230000000Z
ctscaccountstartdate: 20151101110138Z
ctscfailedlogincount: 0
ctsclastresetdate: 20151101110139Z
ctsclockoutexpirationdate: 20151101110139Z
ctscpasswordcreationdate: 20151101110139Z
ctscpasswordexpirationdate: 40140704110139Z
ctscpasswordhistory: {SSHA}********
ctscuserkeywords: NotExpired
ctscuserkeywords: PasswordPolicy
So in this case, the account is controlled by the above attributes? Are those attributes system controlled and make the account locked out?
Thanks,
Shelly