Details
-
Improvement
-
Resolution: Completed
-
Minor
-
COmanage Registry 1.0.5 (Polished Polygon MR5)
Description
Currently, the LdapProvisioner blanks out any unconfigured attribute within a given schema. This is primarily to handle the situation where an attribute is de-configured, and existing records need to be updated to remove the attribute.
However, this causes two problems. One is that the eduPerson schema is periodically revised, and not all installations will be on the same version. This will throw errors if the LDAP server is on an older schema than COmanage supports. The other is that another system cannot provision attributes for a schema that COmanage manages, even if the specific attribute is not configured.
Offer a configuration option ("unconfigured attribute handling") with two options that correspond to the above behaviors: "remove" and "ignore", with the default as of 1.1.0 being "ignore" (a change from prior versions). Note that "ignore" will require some form of manual intervention if an attribute is subsequently deconfigured.