COmanage Users List

[Benn Oshrin <>]

I'll have to try to reproduce this. I assume you have a group membership 
specified as part of the enrollment flow?

Can you open a JIRA for this?

Thanks,

-Benn-

On 6/3/14 4:15 PM, Mike Manske wrote:
> We are running commit fdf500b229 in a production environment. We are
> using the LDAP provisioner plugin, accessed at path
> '.../registry/ldap_provisioner/co_ldap_provisioner_targets/edit...'.
>
> We have both a People Base DN and a Group Base DN defined. We have
> objectclass 'groupOfNames' enabled. The provisioner status is set to
> 'Automatic Mode.'
>
> The provisioning to the People Base DN seems to work fine when a
> person is enrolled. However, the LDAP Group DN is not updated by an
> enrollment. Looking at the LDAP records after an enrollment, we see
> the person record has 'isMemberOf' attributes for the correct groups,
> but the records for the corresponding groups do not have the person's
> identifier in the 'hasMember' attribute.
>
> To continue, if we manually remove a person from a group via
> '...registry/co_groups/edit...'
> or modify membership via
> '/registry/co_group_members/select/...'
> the group change is automatically pushed to LDAP. Also, if we manually
> provision a group via
> '.../registry/co_groups/provision...'
> this also pushes the change to LDAP.
>
> Is there something I can check in my configuration to ensure the LDAP
> groups are updated with new enrollments?
>
> I  have also attached screen images to avoid ambiguity.
>
> Regards.