Skip navigation

OSX Server - LDAP / pwpolicy - How to disable a account?

728 Views 4 Replies Latest reply: Apr 17, 2013 12:13 AM by hvornum RSS
hvornum Calculating status...
Currently Being Moderated
Apr 3, 2013 3:15 AM



For some reason, Apple is great at just changing the syntax or path of <insert random feature here>.

And thus, I'm having trouble disabling (not locking a account, that seems to work fine by setting pwdLastSet to 0) which should disable the user from logging in.


The reason being is that i'm creating a scenario where:


* User tries to login 3 times -> Gets locked out

  * A script running in the background unlocks the account after 30min or so


In between or even after the system adminitrator has a neat button to disable accounts and it shouldn't just lock out the accounts because that would sort of defeat the purpose of the script and the whole locked-out mechanism but rather disable the account all togeather rendering the users account invalid for logins even if the correct password is supplied and the account is unlocked/never locked in the first place.



Is this possible? and where do i get & set this value because it sure isn't stored in the LDAP directory any longer (or wasn't even in the first place?).



Script language: PHP





(Note: I come from a Unix and some what Windows background and finding things in OSX is more confusing than not since 80% of the guides and documentation is obsolete if you even manage to find any on the interwebs, hence why i need help with even the basic stuff as figuring out how and where the mechanics are for different password/account parts)

Virtual and Some default server?, OS X Server, PHP, Apache, OpenLDAP (?)


More Like This

  • Retrieving data ...

Bookmarked By (1)


  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.