KEYCLOAK-11802 Simplifying logic for determining disabled status (#6416)

* KEYCLOAK-11802 Simplifying logic for determining disabled status
2019-10-24 14:43:16 -05:00 · 2019-10-24 14:43:16 -05:00 · e018ca3e29
commit e018ca3e29
parent d7a0597b1d
1 changed files with 1 additions and 8 deletions
--- a/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/msad/MSADUserAccountControlStorageMapper.java
+++ b/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/msad/MSADUserAccountControlStorageMapper.java
@ -218,14 +218,7 @@ public class MSADUserAccountControlStorageMapper extends AbstractLDAPStorageMapp
        @Override
        public boolean isEnabled() {
            boolean kcEnabled = super.isEnabled();
-
-            if (getPwdLastSet() > 0) {
-                // Merge KC and MSAD
            return kcEnabled && !getUserAccountControl(ldapUser).has(UserAccountControl.ACCOUNTDISABLE);
-            } else {
-                // If new MSAD user is created and pwdLastSet is still 0, MSAD account is in disabled state. So read just from Keycloak DB. User is not able to login via MSAD anyway
-                return kcEnabled;
-            }
        }

        @Override