Bug 704295 - RFE: allow a group-only sync agreement to see users in other sync agreements from the same DC
Summary: RFE: allow a group-only sync agreement to see users in other sync agreements ...
Keywords:
Status: CLOSED DUPLICATE of bug 746646
Alias: None
Product: 389
Classification: Retired
Component: Replication - General
Version: 1.2.8
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Rich Megginson
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks: 512820
TreeView+ depends on / blocked
 
Reported: 2011-05-12 17:32 UTC by Joshua Roys
Modified: 2015-11-12 22:11 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-11-12 22:11:31 UTC

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Joshua Roys 2011-05-12 17:32:58 UTC 
Description of problem:
Our AD setup has users in ou=$UNIT,ou=Personnel,$BASE and groups in ou=Groups,ou=Global,$BASE.  We have a sync agreement in place for every $UNIT OU and the Groups OU.  The Groups sync can't see any users because they are outside the scope of itself.


Version-Release number of selected component (if applicable):
1.2.8.3


Actual results:
NSMMReplicationPlugin - received entry from dirsync: CN=Roys\, Joshua,OU=$UNIT,OU=Personnel,$BASE
NSMMReplicationPlugin - agmt="cn=Org Groups" (dc01:636): map_entry_dn_inbound: looking for local entry matching AD entry [CN=Roys\, Joshua,OU=$UNIT,OU=Personnel,$BASE]
NSMMReplicationPlugin - agmt="cn=Org Groups" (dc01:636): map_entry_dn_inbound: looking for local entry by guid [fd1c....]
NSMMReplicationPlugin - agmt="cn=Org Groups" (dc01:636): map_entry_dn_inbound: problem looking for guid: -1
NSMMReplicationPlugin - agmt="cn=Org Groups" (dc01:636): map_entry_dn_inbound: looking for local entry by uid [jroys]
NSMMReplicationPlugin - agmt="cn=Org Groups" (dc01:636): map_entry_dn_inbound: problem looking for username: -1

dse.ldif snippets:

dn: cn=Org Groups,cn=replica,cn=$BASE,cn=mapping tree,cn=config
objectClass: top
objectClass: nsDSWindowsReplicationAgreement
description: Org Groups
cn: Org Groups
nsds7WindowsReplicaSubtree: ou=Groups,ou=Global,$BASE
nsds7DirectoryReplicaSubtree: ou=Groups,$BASE
nsds7NewWinUserSyncEnabled: off
nsds7NewWinGroupSyncEnabled: on
nsds7WindowsDomain: $DOMAIN
nsDS5ReplicaRoot: $BASE
nsDS5ReplicaHost: dc01.$DOMAIN
nsDS5ReplicaPort: 636
nsDS5ReplicaBindDN: $BINDDN
nsDS5ReplicaTransportInfo: SSL
nsDS5ReplicaBindMethod: SIMPLE
nsDS5ReplicaCredentials: $PASS
creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
modifiersName: cn=Multimaster Replication Plugin,cn=plugins,cn=config
createTimestamp: 20110510124714Z
modifyTimestamp: 20110512172057Z

dn: cn=Org $UNIT,cn=replica,$BASE,cn=mapping tree,cn=config
objectClass: top
objectClass: nsDSWindowsReplicationAgreement
description: Org $UNIT
cn: Org $UNIT
nsds7WindowsReplicaSubtree: ou=$UNIT,ou=Personnel,$BASE
nsds7DirectoryReplicaSubtree: ou=$UNIT,ou=People,$BASE
nsds7NewWinUserSyncEnabled: on
nsds7NewWinGroupSyncEnabled: on
nsds7WindowsDomain: $DOMAIN
nsDS5ReplicaRoot: $BASE
nsDS5ReplicaHost: dc01.$DOMAIN
nsDS5ReplicaPort: 636
nsDS5ReplicaBindDN: $BINDDN
nsDS5ReplicaTransportInfo: SSL
nsDS5ReplicaBindMethod: SIMPLE
nsDS5ReplicaCredentials: $PASS
creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
modifiersName: cn=Multimaster Replication Plugin,cn=plugins,cn=config
createTimestamp: 20110429190248Z
modifyTimestamp: 20110512172057Z
Comment 3 Martin Kosek 2012-01-04 13:23:17 UTC 
Upstream ticket:
https://fedorahosted.org/389/ticket/44
Comment 5 Noriko Hosoi 2015-11-12 22:11:31 UTC 

*** This bug has been marked as a duplicate of bug 746646 ***
Note You need to log in before you can comment on or make changes to this bug.