Uploaded image for project: 'Grouper'
  1. Grouper
  2. GRP-3563

Group DN override does not work with "flat" naming

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • Minor
    • None
    • None
    • None
    • None
    • Container release 2.5.54

    Description

      DN override seems to be incompatible with flat naming.

      The provisioner forces this naming pattern on groups when flat is chosen...

      grouper/src/grouper/edu/internet2/middleware/grouper/app/ldapProvisioning/LdapProvisioningTranslator.java,  ~ line 56
      } else if (ldapSyncConfiguration.getGroupDnType() == LdapSyncGroupDnType.flat) {
      dn = GrouperUtil.ldapEscapeRdn(groupRdnAttributeName + "=" + fieldValueString) + "," + ldapSyncConfiguration.getGroupSearchBaseDn();

      }
      ...which results in group names like...
      cn=cn\=my-test-group\,ou\=User Groups\,ou\=Groups\,dc\=umich\,dc\=edu,ou=ManagedGroups,ou=Groups,dc=umich,dc=edu
       

      Based on the code in LdapProvisioningTranslator, I don't believe the issue can be worked around with the "proper" Group field name - translation expression

       

      Attachments

        Activity

          People

            chris.hyzer@at.internet2.edu Chris Hyzer (upenn.edu)
            liam.hoekenga@at.internet2.edu Liam Hoekenga (umich.edu)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: