cannatag/ldap3

Missing lockoutTime attribute

kylejschultz opened this issue · 0 comments

I'm attempting to write a small tool for my team using ldap3 to quickly show my operations team whether or not an account is locked out. This is typically found using the lockoutTime attribute assigned to a user account but this value isn't there. We are able to find the user account and pull a good number of attributes, but the lockoutTime attribute does not seem to show up.

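    import os
    from ldap3 import Connection, ALL_ATTRIBUTES, ALL_OPERATIONAL_ATTRIBUTES

    def show_entry(ldap_server, user_dn):  # enclosing function assumed (the snippet uses return)
        # Bind with the service account credentials taken from the environment
        with Connection(ldap_server, os.environ.get('LDAP_USER_CN'), os.environ.get('LDAP_USER_PASSWORD'), auto_bind=True, return_empty_attributes=True) as conn:
            # Request every user attribute and every operational attribute of the entry
            conn.search(user_dn, '(objectclass=*)', attributes=[ALL_ATTRIBUTES, ALL_OPERATIONAL_ATTRIBUTES])
            if conn.entries:
                print(conn.entries[0])
            else:
                return None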

When checking the user account in ADUC with the same account being used above, we are able to see this value is set to 0; however, it is not returned when printing all attributes, and does not appear to be referenceable with conn.entries[0].lockoutTime.value.

I might be missing something as it seems there are more fields than just this one that aren't being returned, as the list is fairly short - it is, however, returning the other values we're looking for - it's just this lockoutTime value that does not seem to come over.

Thanks!
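
An added example (not part of the original issue and not ldap3 project code) of turning a lockoutTime value into a lock state while reporting a missing attribute as unknown rather than as not locked. The function names, the `lockout_duration` parameter and the sample entries are assumptions for illustration; it works on a plain attribute dictionary and goes beyond the single value discussed above by also covering a stamp whose lockout window has already elapsed.

```python
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)


def lockout_time_to_datetime(value):
    """Normalise a lockoutTime value to an aware datetime, or None if absent."""
    if value is None or value in ("", [], b""):
        return None  # attribute was not returned at all
    if isinstance(value, datetime):
        return value if value.tzinfo else value.replace(tzinfo=timezone.utc)
    if isinstance(value, bytes):
        value = value.decode("ascii")
    # FILETIME: 100-nanosecond intervals since 1601-01-01 UTC
    return FILETIME_EPOCH + timedelta(microseconds=int(value) // 10)


def lockout_state(attrs, now, lockout_duration=None):
    """Return 'unknown', 'not_locked' or 'locked' for one entry's attributes."""
    # LDAP attribute names are case-insensitive
    by_name = {k.lower(): v for k, v in attrs.items()}
    locked_at = lockout_time_to_datetime(by_name.get("lockouttime"))
    if locked_at is None:
        return "unknown"     # a missing attribute is not proof of "not locked"
    if locked_at == FILETIME_EPOCH:
        return "not_locked"  # lockoutTime = 0
    if lockout_duration is not None and now >= locked_at + lockout_duration:
        return "not_locked"  # stamp still set, but the lockout window has passed
    return "locked"


# Constructed sample entries (not real directory data)
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
SAMPLES = {
    "no_attribute": {"cn": "alice"},
    "zero": {"cn": "bob", "lockoutTime": "0"},
    "recent": {"cn": "carol", "lockoutTime": 133485834000000000},  # 11:50 UTC
    "stale": {"cn": "dave", "lockoutTime": FILETIME_EPOCH + timedelta(days=1)},
}

if __name__ == "__main__":
    for name, attrs in SAMPLES.items():
        print(name, lockout_state(attrs, NOW, timedelta(minutes=30)))
```

The `lockout_duration` argument stands for the domain's lockout duration policy and is supplied by the caller; without it, any non-zero stamp is reported as locked.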