This content has been marked as final. Show 1 reply
We had the same problem.
To get around it we changed out user query filter to: (&(&(objectCategory=person)(objectClass=user))(!(userAccountControl:1.2.840.113518.104.22.1683:=2)))
Additionally we brought this issue to the attention of our HR and IT Operations staff who then added a profile property field which we used to determine who to show in our people finder.
How to import user profile information of enabled user accounts from Active Directory to SharePoint
"To import user profile information of only user accounts that are enabled, use the (&(objectCategory=person)(objectClass=user)( !(userAccountControl:1.2.840.113522.214.171.1243:=2))) LDAP search filter. "
Best of luck!
We have a Oracle WCI10gR3 portal implementation. We found that accounts of users who have left the company and thier AD accounts are disabled are still searchable in the portal.
We have a custom portlet which shows the profile (Education Details, Years of Experience, Hobbies, etc) of any user when we search for the user. Since the disabled users are searchable, this portlet is also picking up the disabled users.
In our case, disabled account are stored under a folder named Disabled under the Accounts root folder. Our Authentication Source and Profile soure settting are set that all users under Accounts folder of Active Directory are synchronized. The settings are as belows:
User Query Base: OU=Accounts,DC=company,DC=com
User Query Filter: (&(objectcategory=person)(objectclass=user))
I want to know, is there any way, anyone else handles disbled accounts in AD, so that the disabled accounts in the Disabled folder under Accounts folder are not brought into the portal?