Bug 204966
Summary: | WinSync ignores entry if NT attributes are added later. | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | Red Hat Directory Server | Reporter: | To Ngan <tngan> | ||||||||
Component: | Sync Service | Assignee: | Rich Megginson <rmeggins> | ||||||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Chandrasekar Kannan <ckannan> | ||||||||
Severity: | medium | Docs Contact: | |||||||||
Priority: | medium | ||||||||||
Version: | 7.1 | CC: | alee, benl, dlackey, jgalipea, nhosoi, nkinder | ||||||||
Target Milestone: | DS8.1 | ||||||||||
Target Release: | --- | ||||||||||
Hardware: | All | ||||||||||
OS: | Linux | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | 8.1 | Doc Type: | Bug Fix | ||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | Environment: | ||||||||||
Last Closed: | 2009-04-29 22:59:11 UTC | Type: | --- | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Bug Depends On: | |||||||||||
Bug Blocks: | 434915, 493682 | ||||||||||
Attachments: |
|
Description
To Ngan
2006-09-01 19:18:38 UTC
Created attachment 328796 [details]
diffs
Created attachment 328818 [details]
better diffs
Created attachment 328899 [details]
cvs commit log
Reviewed by: nkinder (Thanks!)
Fix Description: If we are replaying a modify operation, we need to check if the ntUser objectclass is being added along with the other attributes that tell the sync service to sync this entry. If the objectclass is being added or replaced, we check the existing entry to see if it is still a sync-able entry. If it is, we call process_replay_add to add the entry. I changed this function to accept a Slapi_Entry to add rather than the operation structure. Finally, I had to change the way we send the Account Control flags to take into account an entry that may have been added as a result of a modify operation.
I fixed a memory leak when setting the Slapi_Attr attribute type, and cleaned up a compiler warning.
NOTE: There will be no clear text password to send (unless the userPassword was modified in the same modify operation). This means the account will be added to Windows, and will be enabled, but will be essentially unusable - the user cannot login - until either the user modifies the password on the directory server side, or the administrator resets the password.
Platforms tested: RHEL5
Flag Day: no
Doc impact: yes - we will have to document the new winsync behavior
fix verified DS 8.1 RHEL 5 - Windows Synchronization 1.1.0 User added without nt attributes. User then modified and nt attributes added. Send and received updates. User correctly added to ADS and enabled. I do not see the new behavior documented in http://elladeon.fedorapeople.org/DirServer/8.1/admin/Windows_Sync.html Will open documentation bug and reference this bug. sorry - didn't mean to change component An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHEA-2009-0455.html |