Incremental sync does not correctly pick LDAP group rename

XMLWordPrintable

    • 12
    • Severity 2 - Major
    • 57

      Steps to reproduce

      1. In an AD server, create a user deke and a group (e.g. astronauts). Add deke to the group.
      2. In Crowd, create a LDAP connector and point it to AD, hen Sync
      3. Verify that triggered a sync and deke's group memberships show astronauts
      4. Rename astronauts to retired-astronauts
      5. Trigger a sync (should be an incremental sync)
      6. Check deke's group memberships in Crowd

      Observed

      deke is a member of astronauts and retired-astronauts.

      Expected

      deke is only a member of retired-astronauts

      Notes

      • A full sync restores the consistency.
      • This can be reproduced with a primary group membership, not just with a regular membership.

            Assignee:
            Unassigned
            Reporter:
            Caspar Krieger (Inactive)
            Votes:
            13 Vote for this issue
            Watchers:
            14 Start watching this issue

              Created:
              Updated: