Marco Di Sabatino Di Diodoro created SYNCOPE-1467:
-----------------------------------------------------
Summary: RDN not allowed when an attribute of the group present
also in the DN is changed
Key: SYNCOPE-1467
URL: https://issues.apache.org/jira/browse/SYNCOPE-1467
Project: Syncope
Issue Type: Bug
Components: core
Affects Versions: 2.1.4, 2.0.13
Reporter: Marco Di Sabatino Di Diodoro
Fix For: 2.0.14, 2.1.5
During update of an attribute of a group, for example cn, Syncope returns an
exception
javax.naming.directory.SchemaViolationException: [LDAP: error code 67 -
NOT_ALLOWED_ON_RDN: failed for MessageType : MODIFY_REQUEST
Message ID : 41
Modify Request
Object : 'cn=aGroupForPropagation2,ou=groups,o=isp'
Modification[0]
Operation : replace
Modification
owner: (null) Modification[1]
Operation : replace
Modification
description: r12 Modification[2]
Operation : replace
Modification
cn:
aGroupForPropagation3org.apache.directory.api.ldap.model.message.ModifyRequestImpl@51d29a89:
ERR_62 Entry cn=aGroupForPropagation2,ou=groups,o=isp does not have the cn
attributeType, which is part of the RDN";]; remaining name
'cn=aGroupForPropagation2,ou=groups,o=isp'
Cause: [LDAP: error code 67 - NOT_ALLOWED_ON_RDN: failed for MessageType :
MODIFY_REQUEST
To replicate the issue:
# pull from resource-ldap
2. assign the grupp testLDAPGroup to resource-ldap
3. rename di testLDAPGroup in testLDAPGroup2
4. propagation error
With a ldapmodify it's possible to rename the group
dn: cn=aGroupForPropagation,ou=Groups,o=isp
changetype: moddn
newrdn: cn=aGroupForPropagation1
deleteoldrdn: 1
newsuperior: ou=Groups,o=isp
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
