Details
-
Bug
-
Resolution: Duplicate
-
Major
-
None
-
None
-
Grouper v2.3.0 with all PSPNG patches running on Linux Ubuntu 16.04.4 LTS xenial
Description
We have configured nine PSPNG provisioners, performing both incremental and full updates, of which eight are synchronizing Grouper to our Oracle LDAP, while one is synchronizing to our Active Directory (AD).
On all these provisioners we have set supportsEmptyGroups = TRUE and grouperIsAuthoritative = TRUE.
Leveraging the Grouper API, we then wrote a program that goes through all AD, Grouper and Oracle LDAP groups checking that group memberships match.
We have found that many groups exist in our Oracle LDAP but not in Grouper.
It appears that while doing our upgrade to Grouper v2.3.0 many groups got deleted in Grouper (end of term) before we could start running the PSPNG provisioners, i.e. there was a period of time when these groups were present in Oracle LDAP but not in Grouper.
We were expecting the full updates of the PSPNG provisioners synchronizing to Oracle LDAP to correct this issue by deleting the obsolete groups from Oracle LDAP, but actually they never got deleted.
Please let us know if you need more details on any configuration parameters or our log files.
Attachments
Issue Links
- is parent task of
-
GRP-1900 PSPNG - Patch Grouper 2.4 with recent Grouper 2.3 patches (17-21)
-
- Resolved
-