Red Hat Bugzilla – Bug 824073
WinSync In FreeIPA 2.2 (2.1.90) Deletes Users matched from AD
Last modified: 2013-03-05 14:51:11 EST
This bug is created as a clone of upstream ticket:
Following the document here: https://docs.fedoraproject.org/en-US/Fedora/15/html/FreeIPA_Guide/managing-sync-agmt.html#tab.sync-agmt-attrs
All users who's Active Directory samAccountName matched FreeIPA Uid's had their FreeIPA Uid's and Kerberos Principals deleted...
I double-checked /var/log/slapd-INSTANCE/audit and I can confirm that I see the MemberOf plugin Deleting the users from their previously associated Groups, but I DO NOT see any logs clearly showing the WinSync plugin deleting them. Ldap searches confirm that the users no longer exist in LDAP OR Kerberos...
Ticket 2688 was closed as a duplicate of https://fedorahosted.org/freeipa/ticket/2927.
Moving to POST since the issue was already fixed in 389-ds upstream, as a part of 188.8.131.52 release.
*** This bug has been marked as a duplicate of bug 818762 ***