[midPoint] Removing member from group LDAP

Beerens, Wietse wietse.beerens at worldline.com
Thu Aug 25 12:17:39 CEST 2022


Dear Community,

We are working with an 389DS LDAP server to read from and provision to. But I have a question regarding managing group membership.
It seems we are able to add the users(account/DN) to a group but when I remove the user from the group, the account references on the member attribute is not removed.

The configuration we have in midpoint is that the associations on the accounts in the schema handling.
We have an object-to-subject direction setup, so the relational attribute (member) is on the group.
I have also tried to put the relationship in to a non-Tolerant state because we are the only system (at the moment) using the LDAP.

Further our setup is very much the same as the examples (and demo environment). And I almost know for certain this worked in the past.

Things I have noticed is that the WicketFilter-filesystem is growing is size, that could perhaps be related? I need to clean this every now an then so the system does not run out of diskspace.

Does anyone knows what I might be missing or configured wrongly?

Current version: 4.3.1 (but we will upgrade soon to 4.4.2)

Thank you in advance,
Wietse Beerens

Worldline, Cardlink, GoPay and Santeos are registered trademarks and trade names owned by the Worldline Group. This e-mail and any documents attached are confidential and intended solely for the addressee. It may also be privileged. If you are not the intended recipient of this e-mail, you are not authorized to copy, disclose, use or retain it. Please notify the sender immediately and delete this e-mail (including any attachments) from your systems. As e-mails may be intercepted, amended or lost, they are not secure. Therefore, Worldline's and its subsidiaries' liability cannot be triggered for the message content. Although the Worldline Group endeavors to maintain a virus-free network, we do not warrant that this e-mail is virus-free and do not accept liability for any damages, losses or consequences resulting from any transmitted virus if any. The risks are deemed to be accepted by anyone who communicates with Worldline or its subsidiaries by e-mail.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20220825/f8a205a1/attachment.htm>


More information about the midPoint mailing list