-
Bug
-
Resolution: Unresolved
-
Low
-
None
-
None
-
5
-
Severity 3 - Minor
-
1
-
The AD integration by default will try to use an incremental sync. For this to work we need two things:
- The user needs to be able to read uSNChanged attributes.
- The user needs to be able to access Deleted Objects container.
If either of these conditions is not true incremental sync will not work. At the moment Crowd silently just blindly assumes both of these conditions hold and tries to do an incremental sync even though it might not be working.
Crowd should detect if either of these conditions does not hold, and warn the user in some way. For example, during the connection test it could say that "Incremental Update is not possible....". Crowd might even rollback to doing a full sync if it detects that either of these conditions is not true.
- is related to
-
CWD-2713 USNChangedMapper throws NPEs if AD does not return the uSNChanged attribute
- Closed
-
CWD-3093 Incremental AD synchronisation silently ignores remote deletions if the user does not have admin privileges
- Closed
- relates to
-
CWD-3188 Failing incremental Crowd/Crowd synchronisation should fall back to full synchronisation
- Closed