Re: [Glpi-bugtrack] [GLPI] #1248: User is not synchronised when group membership is read from the group object

GLPI Tue, 14 Apr 2009 02:35:25 -0700

#1248: User is not synchronised when group membership is read from the group
object
----------------------------+-----------------------------------------------
 Reporter:  walid           |        Owner:  walid 
     Type:  bug             |       Status:  new   
 Priority:  normal          |    Milestone:  0.75  
Component:  Authentication  |      Version:  0.71.5
 Severity:  minor           |   Resolution:        
 Keywords:                  |           Cd:  2     
----------------------------+-----------------------------------------------
Old description:


> Group membership can be obtain by :
> 1 - reading an attribute in the user object (for example member can
> indicate the group's dn)
> 2 - reading an attribute in the group object (for example memberOf can
> indicate the user's dn)
>
> When the group membership is filled in the user object, each membership
> changes update the user object, and then changes its ldap timestamp
> but when the group membership is filled in the group object, it doesn't
> changes the user ldap timestamp, and user is not considered as to update
> (which means that the rules engine is not called)

New description:

 Group membership can be obtain by :

 1 - reading an attribute in the user object (for example member can
 indicate the group's dn)

 2 - reading an attribute in the group object (for example memberOf can
 indicate the user's dn)

 When the group membership is filled in the user object, each membership
 changes update the user object, and then changes its ldap timestamp
 but when the group membership is filled in the group object, it doesn't
 changes the user ldap timestamp, and user is not considered as to update
 (which means that the rules engine is not called)

Comment (by remi):

 Dynamic group (imported from LDAP) also need to be identified, as profiles
 with a dynamic attribute.

 This will allow to remove group membership when ldap is updated.

-- 
Ticket URL: <https://dev.indepnet.net/glpi/ticket/1248#comment:2>
GLPI <https://dev.indepnet.net/glpi/>
Gestion Libre de Parc Informatique
_______________________________________________
Glpi-bugtrack mailing list
[email protected]
https://mail.gna.org/listinfo/glpi-bugtrack

Re: [Glpi-bugtrack] [GLPI] #1248: User is not synchronised when group membership is read from the group object

Répondre à