https://fedorahosted.org/389/ticket/47642 https://fedorahosted.org/389/attachment/ticket/47642/0001-Ticket-47642-Windows-Sync-group-issues.patch Bug Description: When an entry is moved on AD, and the entry is a member of a group, the value of the member in the group is automatically updated. But Windows Sync Control request only returns the renamed entry; it does not return the group having the member in it even though the value is updated. This is because an AD group stores DNT (Distinguish Name Tag -- ID in integer) instead of the dn itself. Since the rename operation does not change DNT, the group entry on AD has no change, either. On the DS side, the group entry stores the full DN which needs to be adjusted to the renamed DN to complete the synchronization with AD. Fix Description: Once rename operation is received from AD, windows_update_local_entry searches groups having a member value matches the pre-renamed dn on DS, and replaces the old dn with the renamed one. -- 389-devel mailing list 389-devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-devel
