Bug 243221 - rhds71 AD Directory sync fails if attribute 'initials' has too many characters in one of the entries
rhds71 AD Directory sync fails if attribute 'initials' has too many character...
Product: Red Hat Directory Server
Classification: Red Hat
Component: Sync Service (Show other bugs)
All Linux
medium Severity medium
: DS8.0
: ---
Assigned To: Nathan Kinder
Viktor Ashirov
Depends On:
Blocks: 240316
  Show dependency treegraph
Reported: 2007-06-07 19:57 EDT by Issue Tracker
Modified: 2016-05-06 10:45 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-05-06 10:45:57 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
CVS Diffs (9.04 KB, patch)
2007-08-23 16:31 EDT, Nathan Kinder
no flags Details | Diff

  None (edit)
Description Issue Tracker 2007-06-07 19:57:52 EDT
Escalated to Bugzilla from IssueTracker
Comment 4 Chandrasekar Kannan 2007-07-26 00:25:06 EDT
per bug council on 07/24, blocking DS8.0
Comment 5 Nathan Kinder 2007-08-23 16:31:21 EDT
Created attachment 172375 [details]
CVS Diffs

These diffs address the attribute length contraint of the "initials" attribute
by trimming attribute values larger than the 6 character limit imposed by AD. 
This trimming occurs in the RHDS -> AD direction only.

What this means is that you can store an initials attribute value of "longname"
in RHDS, but the value will be trimmed to "longna" when sent to AD.  This
trimmed attribute will not be synch'd back to RHDS on the next Dirsync
operation.  This case is handled by only comparing the first 6 characters of
the initials attribute value when changes go in the AD -> RHDS direction.
Comment 6 Nathan Kinder 2007-08-23 16:51:37 EDT
Checked into ldapserver (HEAD).  Thanks to Rich for the review!

Checking in windows_protocol_util.c;
 <--  windows_protocol_util.c
new revision: 1.28; previous revision: 1.27
Checking in windowsrepl.h;
/cvs/dirsec/ldapserver/ldap/servers/plugins/replication/windowsrepl.h,v  <-- 
new revision: 1.10; previous revision: 1.9
Comment 8 Yi Zhang 2007-10-17 16:53:52 EDT
Verification test has been done as below: (manually execution)

    Create a valid ntUser on either side (RHDS or AD), and sync between RHDS and AD.

    Condition A: If customer modify "initials" value on RHDS side, then:
    A.1      if the first 6 char has been changed, the new value(first 6 chars)
will sync to AD side
    A.2      otherwise, if chars after 6th char in value being changed, sync
action will occurs, but value won't change in AD side

   Condition B: If customer modify "initials" value on AD side, then the value
on RHDS side will be replaced (the whole "initials" value string, not just the
first 6 chars)

Note You need to log in before you can comment on or make changes to this bug.