Uploaded image for project: 'COmanage'
  1. COmanage
  2. CO-1354

LdapProvisioner Should Not Rewrite Entries on Petition

    XMLWordPrintable

Details

    Description

      The LdapProvisioner performs a delete then add on several provisioning statuses, specifically CoPersonAdded, CoPersonPetitionProvisioned, CoPersonPipelineProvisioned, CoPersonUnexpired. For Petition/Pipeline updates, this should probably be a modify instead (which will promote to an add if needed), since there are various circumstances where this is problematic.

      eg: An account linking flow that does not change memberships will cause a delete-then-add, and while the GrouperProvisioner will pick this up Grouper itself will not detect a change and so will not rewrite LDAP. There may be other similar scenarios.

      It's not clear if this should be backported to 1.0.x, since other provisioning related changes may have masked this behavior in prior versions.

      Attachments

        Issue Links

          is related to

          New Feature - A new feature of the product, which has yet to be developed. CO-1011 Maintain LDAP Record on Expire/etc

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              benn.oshrin@at.internet2.edu Benn Oshrin (internet2.edu)
              benn.oshrin@at.internet2.edu Benn Oshrin (internet2.edu)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: