User in different department is deactivated by LDAPSYNC

Document ID : KB000084568
Last Modified Date : 14/04/2018
Show Technical Document Details
Issue:
Error Message :
N/A

ARA users are deactivated by LDAPSYNC even if they are not configured within the LDAPSYNC scope.

If there are multiple child domains set up for specific regions (e.g. EUROPE,JAPAN, APAC) and they also have the same user defined for a different domain (e.g. USER/EUROPE or USER/JAPAN), the user in the other region may be impacted when changes are made for a different domain.

In the client configuration file we have this parameter:
<AE userDomain="EUROPE" autoDeactivateUsers="true" />

When the LDAPSync is executed with the Domain EUROPE, any user in domain JAPAN will not be able to see the Release Automation perspective.


 
Cause:
Cause type:
Defect
Root Cause: ARA users were deactivated by LDAPSYNC even if they were not configured within the LDAPSYNC scope. When removing an LDAP user connected to an ARA user and running LDAPSync afterwards, all ARA users with the same name and user group, assigned to different departments and whose AE accounts were configured to connect to LDAP were deactivated and removed from the user group.
Resolution:
Update to a fix version listed below or a newer version if available.

Fix Status: In Progress

Fix Version(s):
LDAPSync 2.2.0 - Planned release date: 2018-06-19
LDAPSync 2.1.1 - Available
LDAPSync 2.0.4 - Available
LDAPSync 1.0.9 - Available
Additional Information:
Workaround :
In the client configuration file set:
 
<AE userDomain="EUROPE" autoDeactivateUsers="false"/>