test

Sun Java Communications Suite 5 Schema Reference

inetUserStatus

Origin

Messaging Server 5.0, Calendar Server 5.1.1

Syntax

cis, single-valued

Object Classes

inetUser

Definition

Specifies the status of a user’s account with regard to global server access. This attribute enables the administrator to temporarily suspend, reactivate, or permanently remove access to all services for a user account.

The following table lists the values for this attribute:

Table 3–9 Status Attribute Values

Values  

Description  

active 

The user account is active and the user can use all services enabled by the overlay of service-specific object classes and the service state as indicated by the particular status attribute for that service. For example, a user can use the email system if both mailUserStatus and inetDomainStatus are set to active.

inactive 

The user account is inactive. The account cannot use any services granted by service-specific object classes. This state overrides individual service status set using the service’s status attributes. 

deleted 

The account is marked as deleted. The account can remain in this state within the directory for some time (pending purging of deleted users). Service requests for a user marked as deleted must return permanent failures. 

A missing value implies status is active. An illegal value is treated as inactive.

There are four status attributes that mail services look at and which are evaluated in this order: inetDomainStatus, mailDomainStatus, inetUserStatus, and mailUserStatus. The rule is: the first of these attributes that is set to something other than active takes precedence over all the others.

For calendar services, the attributes evaluated are: inetDomainStatus, icsStatus (for icsCalendarDomain), inetUserStatus, icsStatus (for icsCalendarUser).

When this attribute applies to a static group, defined using the inetUser object class, inactivating (disabling) the group only applies to the group itself and not the users in the group.

To disable the users of a group, create a dynamic group by assigning roles to the users, and then disable the role (which disables all users assigned to that role). For more information about roles, see the Sun Java System Directory Server Administrator’s Guide.

The MTA option LDAP_USER_STATUS can be used to specify a different attribute to be used for user status.

Example

inetUserStatus=inactive

OID

2.16.840.1.113730.3.1.692