Hi! I have Syncope 2.1.0 and Ldap connector 1.5.2. All works fine, but THERE IS A PROBLEM: When I remove attribute 'uniqueMember'='uid=myldapuser,ou=Users,o=client1,dc=xyz,dc=net' in one of LDAP groups such as 'MyGroup' and then pull changes to Syncope, Syncope does not remove 'myldapuser' to 'MyGroup' membership. Syncope only add new memberships from LDAP but don't remove old memberships (thous are removed in LDAP).
My Ldap connector has next settings: - Group Name Attributes = 'cn' - Group Member Attribute = 'uniqueMember' - Maintain LDAP Group Membership = true LdapSync resource has: - Actions Selected = LDAPMembershipPropagationActions - Capabilities - All LdapSync Pull Task has: - Pull Mode = ''FULL_RECONCILIATION" - Remediation = false - Actions Selected = LDAPMembershipPullActions - Matching rule = update - Unmatching rule = ASSIGN - Allow create = true - Allow update = true - Allow delete = true In debugger I see that Syncope has correct information about memberships -org.apache.syncope.core.provisioning.java.pushpull.LDAPMembershipPullActions, line 175, in field this.memberships (I see existing memberships and don't see removed memberships) BUT I don't see that in org.apache.syncope.core.provisioning.java.job.SetUMembershipsJob or in org.apache.syncope.core.provisioning.java.propagation.LDAPMembershipPropagationActions Syncope drop any memberships Thank you in advance for your help. -- Sent from: http://syncope-user.1051894.n5.nabble.com/
