The info on this page applies to Grouper 2.6 and above.
Add these unit tests
gidnumber missing in target and DN matches
Have multiple search/matching attributes. First look for gidnumber, then look for DN.
Have a group in grouper with dn override and a gid number
Have no group in target with gidnumber, but a dn that matches the override
Grouper should find that group, assign the gidnumber in the target, and manage the group
DN of user changes full sync
If a full sync occurs and the DN of a user changes, and the DN is the membership attribute value of a group, it should be reflected in the provisioner cached data, and in the group membership lists (for all groups of that user)
DN of user changes incremental sync
If an incremental sync occurs and the DN of a user changes, if it is not recalc, an error occurs
The membership or user should be recalced, where the new DN will go into cache and in the target
LDAP provisioning folder metadata for base DN
Allow a folder in grouper to have metadata about the base DN to be provisioned. All other translation rules apply
Allow delegation for assigning provisioning information
A group of users should be able to view provisioning information for a provisioner
A group of users should be able to view/update provisioning information for a provisioner
Check name requirements when assigning provisionable
When a group is assigned provisionable, translate the name and check LDAP
Give an error for conflict or warning for something else
Give an error if the validations are not valid (length of DN or CN)
Check name requirements when renaming groups
When a group is renamed, check to see if provisioning targets are invalid, if so veto
If a group suddenly fails validation, and has members in target, still manage those members
If a group in target matches a group in grouper, then still manage memberships if another field on group becomes invalid