Novell eDirectory 220.127.116.11 for All Platforms
Novell eDirectory 8.8 for All Platforms
This scenario has been tested on SLES 10 with eDir 18.104.22.168, 8.8.1 and 8.8.2:
- Create a user
- Create a group
- Add the user to the group
- Run an instance of LDAP event monitoring against any of the replicas holding the group. Be sure to "register" for the EVT_DELETE_VALUE event for the Group object class
- Remove the user from the group: the event monitoring instance will correctly report that a delete for attribute 'member' with a value of the 'user DN' was removed from the group
- Add the user back to the group
- Delete the user: the event monitoring instance will incorrectly report that a delete for attribute 'member' with a value of '' (null) was removed from the group
It appears that the event monitor is failing to report the user DN when a user is removed from a group by way of the user object being deleted, as opposed to just having the group membership removed.
This has been fixed already with the latest eDirectory patches.