Description of problem: It seems that the memberOf attribute handling by the memberOf plugin limited to objects inside the same subsuffix. If my group suffix is based on a different database from my user suffix, then the memberof plugin does not update the memberof attribute. The plugin works only if users and groups are locatred in the same suffix. Version-Release number of selected component (if applicable): v. 1.2.10.4 How reproducible: see description Steps to Reproduce: 1. 2. 3. Actual results: Unable to use this plugin because memberof does not work properly. Expected results: Add the correct attribute to the user entry Additional info:
The memberOf plug-in does not work across multiple backend databases by design. There are concerns of things getting out of sync if one backend is taken offline or put in a read-only state, as memberOf wouldn't be able to preform updates properly in that case. It is possible that code changes could be made to allow memberOf to perform updates across backend databases, but there are chances for membership inconsistencies to arise.
The first need is that it works in the standard case. No matter if it does not work in particular cases (offline backend, read only...).
Upstream ticket: https://fedorahosted.org/389/ticket/326
This was fixed in 389-ds-base-1.2.11.1-1.fc17. Closing.