-
Type:
Bug
-
Resolution: Unresolved
-
Priority:
Low
-
None
-
Affects Version/s: 4.20.16
-
Component/s: Assets - Import
-
1
-
Severity 2 - Major
-
0
Issue Summary
Users can set Group restrictions through "Type Value" for their User type attribute to make sure users belonging to only the selected group(s) show up in the dropdown choice(s). However, this only works when user tries to update object manually except for JSDSERVER-12254 : Insight/Assets queries different REST endpoint to populate User attribute values between Old schema view and new object view
Insight LDAP import does not take this group restriction during import. So it would populate users who do not belong with the restricted group(s).
This is reproducible on Data Center: yes
Steps to Reproduce
- First need to set up an LDAP structure with multiple groups and members in them, for example:
- User1, User2 belongs to Group1
- User3 and User4 belongs to Group2
- Create a Object Schema structure for "group" object type which also has a "members" attribute which is of "User" type
- Restrict the User type attribute to a particular group(s): Group1
- Perform an LDAP import
Expected Results
Users belonging to only Group1 is imported and mapped to the "members" attribute
Actual Results
LDAP import would import all users of all groups regardless of the attribute restriction:
Workaround
Currently there is no known workaround for this behavior. A workaround will be added here when available
- is related to
-
-
- Gathering Impact
-
- links to
