Bug #44
[Active Directory] use replace operation instead of add operation when changing unicodePwd LDAP attribute
| Status: | Closed | Start: | 20/04/2009 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assigned to: | Thomas Chemineau | % Done: | 100% |
|
| Category: | Core | |||
| Target version: | 1.1.0 | |||
| Problem in version: |
Description
When changing password for user account in Active Directory, LSC try to add a value instead of replace it. In fact, unicodePwd attribute is not readable at all, just writable. So, LSC does not see it, and tries to add it.
Associated revisions
fixes #44 - changing force action for force values to always replace and never add values
History
Updated by Thomas Chemineau over 1 year ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset r201.
Updated by Jonathan Clarke over 1 year ago
- Category set to Core
- Status changed from Feedback to Closed
- Assigned to set to Thomas Chemineau
- Target version set to 1.1.0
Tested this fix, and it's OK on existing setups.
It should be noted that this is useful for all directories, not just Active Directory - if you search an object and see no values for a given attribute, this does not mean there are not values. It means you are not allowed to read the values. Therefore, using replace on all attributes we know we want to control in an existing entry makes sense.