Details
-
Bug
-
Resolution: Fixed
-
Critical
-
COmanage Registry 2.0.0 (Passing Fad)
Description
During some enrollment flows the LDAP Provisioner deletes and then later recreates (adds) the person record. The deletion and recreation may happen multiple times.
This can cause a problem when the Grouper Provisioner is being used to provision groups to Grouper and then Grouper (via the PSP for example) is configured to provision isMemberOf on the person record. The problem is that a group is provisioned from COmanage to Grouper and Grouper updates the isMemberOf attribute on the person record with the group name, but then the LDAP Provisioner deletes the record and when it is added back the isMemberOf attribute is not included (since in this scenario the LDAP Provisioner is not being used to provision group memberships into LDAP nor the isMemberOf attribute on the person record).