Bug 824073

Summary: WinSync In FreeIPA 2.2 (2.1.90) Deletes Users matched from AD
Product: Red Hat Enterprise Linux 7 Reporter: Dmitri Pal <dpal>
Component: ipaAssignee: Rob Crittenden <rcritten>
Status: CLOSED DUPLICATE QA Contact: IDM QE LIST <seceng-idm-qe-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.0CC: mkosek, nsoman
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-03-05 19:51:11 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dmitri Pal 2012-05-22 16:58:53 UTC 
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/freeipa/ticket/2688

Following the document here: https://docs.fedoraproject.org/en-US/Fedora/15/html/FreeIPA_Guide/managing-sync-agmt.html#tab.sync-agmt-attrs

All users who's Active Directory samAccountName matched FreeIPA Uid's had their FreeIPA Uid's and Kerberos Principals deleted...

I double-checked /var/log/slapd-INSTANCE/audit and I can confirm that I see the MemberOf plugin Deleting the users from their previously associated Groups, but I DO NOT see any logs clearly showing the WinSync plugin deleting them.  Ldap searches confirm that the users no longer exist in LDAP OR Kerberos...

Package Versions:
freeipa-server-selinux-2.1.90.rc1-0.fc16.x86_64
freeipa-server-2.1.90.rc1-0.fc16.x86_64
freeipa-admintools-2.1.90.rc1-0.fc16.x86_64
freeipa-client-2.1.90.rc1-0.fc16.x86_64
freeipa-python-2.1.90.rc1-0.fc16.x86_64
389-ds-base-libs-1.2.10.6-1.fc16.x86_64
389-ds-base-1.2.10.6-1.fc16.x86_64
Comment 1 Martin Kosek 2012-11-07 15:19:37 UTC 
Ticket 2688 was closed as a duplicate of https://fedorahosted.org/freeipa/ticket/2927.

Moving to POST since the issue was already fixed in 389-ds upstream, as a part of 1.2.11.12 release.
Comment 3 Namita Soman 2013-03-05 19:51:11 UTC 

*** This bug has been marked as a duplicate of bug 818762 ***