Hi Fabio Thanks for the feedback. It's indeed a two phase resource but it's not clear to me what two phase really means and what the relation is with the behaviour I discovered.
The documentation says: Propagation mode Type of propagation that are supported by the resource. ONE_PHASE: propagation towards the external resource is closed at request time. TWO_PHASE: propagation towards the external resource is closed in two steps. step 1 - Syncope submit the propagation request to the external resource. step 2 - external resource send a notification about the propagation execution's result to Syncope The propagation happened to the LDAP directory (by checking with LDAP client) but I can't do any changes for the user in Syncope. Is this due to the missing notification (what kind of notification is that for LDAP)? Why does it work with a TWO_PHASE resource if you add the Resource at the time when you create the user but before hitting save. Thanks a lot for clarification Oli ________________________________ From: Fabio Martelli [[email protected]] Sent: 22 October 2014 11:10 To: [email protected] Subject: Re: User propagation with LDAP Il 22/10/2014 10:53, Oliver Wulff ha scritto: Hi there I came across the following issue which I don't know whether it's intended or not. When I create a user in syncope but don't add the LDAP resource initially (before clicking save) the user is created internally. When I add the resource later, the status for the LDAP resource is "Submitted". When I then check the status of the user again (By editing the user), there is a red exclamation mark. In the Propagation Tasks list the status is SUBMITTED and the user is propagated to the LDAP directory. But every update I do for this user fails. [LDAP: error code 68 - ENTRY_ALREADY_EXISTS: failed for MessageType : ADD_REQUEST Message ID : 216 Add Request : Entry dn[n]: uid=test3,ou=users,dc=fediz,dc=org objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: person objectClass: top uid: test3 mail: [email protected]<mailto:[email protected]> sn: test2 cn: test1 test2 description: Active givenName: test1 : ERR_250_ENTRY_ALREADY_EXISTS uid=test3,ou=users,dc=fediz,dc=org already exists!] I'm wondering why initially the status is SUBMITTED in the propagations tasks list but when I check the status when editing the user, I got the red exclamation mark. Hi Oliver, probably you have configured a "two_phase" resource. Please, check again resource configuration. Best regards, F. -- Fabio Martelli Tirasa - Open Source Excellence http://www.tirasa.net/ Apache Syncope PMC http://people.apache.org/~fmartelli/
