Inactivating Users And Roles; Inactivating User And Roles Using The Console - Netscape DIRECTORY SERVER 6.2 - ADMINISTRATOR Administrator's Manual

Inactivating Users and Roles

Inactivating Users and Roles
You can temporarily inactivate a single user account or a set of accounts. Once
inactivated, a user cannot bind to the directory. The authentication operation will
fail.
Users and roles are inactivated using the operational attribute
When an entry contains the
server rejects the bind.
You use the same procedures for inactivating users and roles. However, when you
inactivate a role, you are inactivating the members of the role and not the role entry
itself. For more information about roles in general and how roles interact with
access control in particular, refer to Chapter 5, "Advanced Entry Management."
The rest of this section describes the following procedures:
•

Inactivating User and Roles Using the Console

• Inactivating User and Roles Using the Command Line
• Activating User and Roles Using the Console
• Activating User and Roles Using the Command Line
CAUTION
Inactivating User and Roles Using the Console
The following procedure describes inactivating a user or a role using the console:
In the Directory Server Console, select the Directory tab.
1.
Browse the navigation tree in the left navigation pane and double-click the user
2.
or role you want to inactivate.
The Edit Entry dialog box appears.
You can also select Inactivate from the Object menu as a short cut.
280 Netscape Directory Server Administrator's Guide • December 2003
nsAccountLock
You cannot inactivate the root entry (the entry corresponding to the
root or sub suffix) on a database. For more information on creating
the entry for a root or sub suffix, refer to Chapter 2, "Creating
Directory Entries" for more information. For more information on
creating root and sub suffixes, refer to Chapter 3, "Configuring
Directory Databases".
nsAccountLock
attribute with a value of
.
, the
true