Hi Hermann, Answers inline.
On Tue, Jun 14, 2016 at 2:28 PM, Hermann Angstl <[email protected]> wrote: > *- propagating membership information is not working.* > > > > For example, I created “user2” and “role2” and assigned “role2” to > “user2”. When I look into my LDAP I can see: > > - cn=user2,ou=users,dc=example,dc=com > > - cn=role2,ou=roles,dc=example,dc=com > > > > When looking into the details of cn=role2,ou=roles,dc=example,dc=com I > expected to see > > *member: cn=user2,ou=users,dc=example,dc=com* > > > > But that was not the case. Somehow Syncope does not propagate the group > memberships information. > > (1) Any suggestions what I have to do to make it work? > I did a quick check there with the same Syncope version you are using and it worked succcessfully. Have you enabled the LDAPMembershipPropagationActions in the Resource configuration? > > > > > (2) Another thing that I don’t understand: When Syncope creates a new Role > in LDAP, it always looks like this > > objectClass: groupOfNames (structural) > > objectClass: top (abstract) > > cn: role2 > > *member: cn=Directory Manager,dc=example,dc=com* > > > > It always sets the Principal that I configured under Resources / > Connectors (cn=Directory Manager,dc=example,dc=com is) as a member of the > group. Why is that? > Not sure, I can reproduce this as well. I will play around with it unless someone else chimes in to see if I can reproduce it in different environments and with later versions of Syncope. Colm. > > > cheers, > > Hermann > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
