Bug 757120 - [IPA DOC] IPA winsync - Users without "surname" in AD would not be synced.
Summary: [IPA DOC] IPA winsync - Users without "surname" in AD would not be synced.
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: doc-Identity_Management_Guide
Version: 6.2
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: rc
: 6.3
Assignee: Deon Ballard
QA Contact: ecs-bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-11-25 14:11 UTC by Gowrishankar Rajaiyan
Modified: 2012-06-21 23:14 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-06-21 23:14:06 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Gowrishankar Rajaiyan 2011-11-25 14:11:07 UTC 
Description of problem:


Version-Release number of selected component (if applicable):
ipa-server-2.1.3-9.el6.x86_64

How reproducible:
Always

Steps to Reproduce:
- Windows server LDAP schema has objectclass Person which does not have 'surname' attribute as mandatory. I.e. you can have users without surnames.

- RFC4519 defines Person object class that MUST have 'sn' attribute (surname). I.e. all traditional LDAP database persons must have surnames.

As result, if you sync users between the two with using IPA winsync plugin, those users without surnames will not be synced.
  

Expected results: We should document this since it looks like a common practice to create users (at-least some) without lastname/surname.


Additional info:
Comment 2 Deon Ballard 2012-05-03 16:34:12 UTC 
Setting all priority and severity to medium.
Comment 3 Deon Ballard 2012-05-03 17:38:17 UTC 
Added 8.2.1.1.4 for differences with the sn attribute:
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6-Beta/html/Identity_Management_Guide/about-sync-schema.html#Windows_Sync-Schema_Differences-users
Comment 5 Deon Ballard 2012-06-21 23:14:06 UTC 
Closing.
Note You need to log in before you can comment on or make changes to this bug.