Uploaded image for project: 'Syncope'
  1. Syncope
  2. SYNCOPE-1467

RDN not allowed when an attribute of the group present also in the DN is changed

VotersWatch issueWatchersLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.0.13, 2.1.4
    • 2.0.14, 2.1.5, 3.0.0
    • core
    • None

    Description

      During rename of a group with LDAP resource assigned, Syncope returns an exception

      javax.naming.directory.SchemaViolationException: [LDAP: error code 67 - NOT_ALLOWED_ON_RDN: failed for MessageType : MODIFY_REQUEST
      Message ID : 66
          Modify Request
              Object : 'cn=testLDAPGroup,ou=groups,o=isp'
                  Modification[0]
                      Operation :  replace
                      Modification
      owner: (null)            Modification[1]
                      Operation :  replace
                      Modification
      description: (null)            Modification[2]
                      Operation :  replace
                      Modification
      cn: testLDAPGroup2org.apache.directory.api.ldap.model.message.ModifyRequestImpl@9aac12bb: ERR_62 Entry cn=testLDAPGroup,ou=groups,o=isp does not have the cn attributeType, which is part of the RDN";]; remaining name 'cn=testLDAPGroup,ou=groups,o=isp'
      
       Cause: [LDAP: error code 67 - NOT_ALLOWED_ON_RDN: failed for MessageType : MODIFY_REQUEST
      

      To replicate the issue with test data:

      1. pull from resource-ldap
      2. assign the group testLDAPGroup to resource-ldap
      3. rename testLDAPGroup to testLDAPGroup2
      4. propagation error

      With a ldapmodify it's possible to rename the group

      dn: cn=aGroupForPropagation,ou=Groups,o=isp
      changetype: moddn
      newrdn: cn=aGroupForPropagation1
      deleteoldrdn: 1
      newsuperior: ou=Groups,o=isp
      

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            mdisabatino Marco Di Sabatino Di Diodoro
            mdisabatino Marco Di Sabatino Di Diodoro
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Issue deployment