I connected liferay to Active Directory. The users are exported correctly and added to the correct group. However all newly created user accounts are disabled. This means that a user can nog logon with his AD credentials. Does anybody know why these users are disabled. Is this a liferay issue, or an AD issue?

These are my LDAP settings

User

Authentication search filter: (&(objectClass=person)(mail=@email_address@))
Screenname: cn
Password: userPassword
Email address: mail
Fullname: sAMAccountName
First name: givenName
Last name: sn
JobTitle: title
Group: memberOf


Group

group name: cn
description: sAMAccountName
User: member

Export

Users DN: OU=XXX,DC=XXX,DC=XXX
User Default Object Classes: top,person,user,organizationalPerson
Groups DN: OU=XXX,DC=XXX,DC=XXX
Group Default Object Classes: top,group