Marco Di Sabatino Di Diodoro created SYNCOPE-1467: -----------------------------------------------------
Summary: RDN not allowed when an attribute of the group present also in the DN is changed Key: SYNCOPE-1467 URL: https://issues.apache.org/jira/browse/SYNCOPE-1467 Project: Syncope Issue Type: Bug Components: core Affects Versions: 2.1.4, 2.0.13 Reporter: Marco Di Sabatino Di Diodoro Fix For: 2.0.14, 2.1.5 During update of an attribute of a group, for example cn, Syncope returns an exception javax.naming.directory.SchemaViolationException: [LDAP: error code 67 - NOT_ALLOWED_ON_RDN: failed for MessageType : MODIFY_REQUEST Message ID : 41 Modify Request Object : 'cn=aGroupForPropagation2,ou=groups,o=isp' Modification[0] Operation : replace Modification owner: (null) Modification[1] Operation : replace Modification description: r12 Modification[2] Operation : replace Modification cn: aGroupForPropagation3org.apache.directory.api.ldap.model.message.ModifyRequestImpl@51d29a89: ERR_62 Entry cn=aGroupForPropagation2,ou=groups,o=isp does not have the cn attributeType, which is part of the RDN";]; remaining name 'cn=aGroupForPropagation2,ou=groups,o=isp' Cause: [LDAP: error code 67 - NOT_ALLOWED_ON_RDN: failed for MessageType : MODIFY_REQUEST To replicate the issue: # pull from resource-ldap 2. assign the grupp testLDAPGroup to resource-ldap 3. rename di testLDAPGroup in testLDAPGroup2 4. propagation error With a ldapmodify it's possible to rename the group dn: cn=aGroupForPropagation,ou=Groups,o=isp changetype: moddn newrdn: cn=aGroupForPropagation1 deleteoldrdn: 1 newsuperior: ou=Groups,o=isp -- This message was sent by Atlassian JIRA (v7.6.3#76005)