Running 3.5 and LDAP driver against an Oracle OID.

Group and user (not all) are syncronised. If I delete a user from the
group (in eDir) that is NOT associated with the driver all members are
removed on the OID side.

The problem is seems to be
LDAPModification: (operation=delete,(LDAPAttribute: {type='uniqueMember',
value=''}))

This was not a problem on earlier versions of IDM.

Trace:

<nds dtdversion="3.5" ndsversion="8.x">
<source>
<product version="3.5.0.20070315 ">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<modify class-name="Group" event-id="RR3K8613-NDS#20070924193935#3#1"
qualified-src-dn="O=HRSOU=RollerCN=Pasientjournal"
src-dn="RH_META_TREEHRSRollerPasientjournal" src-entry-id="33885"
timestamp="0#0">
<association
state="associated">cn=kliniskskrivebord_rh,cn=kata log_groups,cn=groups,dc=rikshospitalet,dc=no</association>
<modify-attr attr-name="Member">
<remove-value>
<value timestamp="1187916654#1"
type="dn">RH_META_TREEHRSRHAccountDisabledANDKNO</value>
</remove-value>
</modify-attr>
</modify>
</input>
</nds>
[09/24/07 21:39:36.166]:OID_PROD175_HA ST:Filtering out notification-only
attributes.
[09/24/07 21:39:36.166]:OID_PROD175_HA ST:Fixing up association references.
[09/24/07 21:39:36.166]:OID_PROD175_HA ST:
DirXML Log Event -------------------
Driver: RH_META_TREESYSTEMRR3K8613 DriversetOID_PROD175_HA
Channel: Subscriber
Object: RH_META_TREEHRSRollerPasientjournal
Status: Warning
Message: Code(-8003) Unable to synchronize reference to
RH_META_TREEHRSRHAccountDisabledANDKNO from attribute Member.
[09/24/07 21:39:36.166]:OID_PROD175_HA ST:Applying schema mapping policies
to output.
[09/24/07 21:39:36.166]:OID_PROD175_HA ST:Applying policy:
%+C%14CMappingRule%-C.
[09/24/07 21:39:36.166]:OID_PROD175_HA ST: Mapping attr-name 'Member' to
'uniqueMember'.
[09/24/07 21:39:36.166]:OID_PROD175_HA ST: Mapping class-name 'Group' to
'groupOfUniqueNames'.
[09/24/07 21:39:36.166]:OID_PROD175_HA ST:Applying policy:
%+C%14CMappingRule-1%-C.
[09/24/07 21:39:36.166]:OID_PROD175_HA ST: No mapping for class-name
'groupOfUniqueNames'.
[09/24/07 21:39:36.166]:OID_PROD175_HA ST:Applying output transformation
policies.
[09/24/07 21:39:36.166]:OID_PROD175_HA ST:Applying policy:
%+C%14CRR-Handle mulit to singlevalue%-C.
[09/24/07 21:39:36.166]:OID_PROD175_HA ST: Applying to modify #1.
[09/24/07 21:39:36.182]:OID_PROD175_HA ST: Evaluating selection
criteria for rule 'Add: User - convert multi-valued displayname to single
value'.
[09/24/07 21:39:36.182]:OID_PROD175_HA ST: (if-operation equal "add")
= FALSE.
[09/24/07 21:39:36.182]:OID_PROD175_HA ST: Rule rejected.
[09/24/07 21:39:36.182]:OID_PROD175_HA ST: Evaluating selection
criteria for rule 'Add: User - convert multi-valued givenname to single
value'.
[09/24/07 21:39:36.182]:OID_PROD175_HA ST: (if-operation equal "add")
= FALSE.
[09/24/07 21:39:36.182]:OID_PROD175_HA ST: Rule rejected.
[09/24/07 21:39:36.182]:OID_PROD175_HA ST:Policy returned:
[09/24/07 21:39:36.182]:OID_PROD175_HA ST:
<nds dtdversion="3.5" ndsversion="8.x">
<source>
<product version="3.5.0.20070315 ">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<modify class-name="groupOfUniqueNames"
event-id="RR3K8613-NDS#20070924193935#3#1"
qualified-src-dn="O=HRSOU=RollerCN=Pasientjournal"
src-dn="RH_META_TREEHRSRollerPasientjournal" src-entry-id="33885"
timestamp="0#0">
<association
state="associated">cn=kliniskskrivebord_rh,cn=kata log_groups,cn=groups,dc=rikshospitalet,dc=no</association>
<modify-attr attr-name="uniqueMember">
<remove-value>
<value timestamp="1187916654#1"
type="dn">RH_META_TREEHRSRHAccountDisabledANDKNO</value>
</remove-value>
</modify-attr>
</modify>
</input>
</nds>
[09/24/07 21:39:36.182]:OID_PROD175_HA ST:Applying policy: %+C%14C'Email
notifications for failed password publications'%-C.
[09/24/07 21:39:36.182]:OID_PROD175_HA ST: Applying to modify #1.
[09/24/07 21:39:36.182]:OID_PROD175_HA ST: Evaluating selection
criteria for rule 'Send e-mail for a failed publish password operation'.
[09/24/07 21:39:36.182]:OID_PROD175_HA ST: (if-global-variable
'notify-user-on-password-dist-failure' equal "true") = FALSE.
[09/24/07 21:39:36.182]:OID_PROD175_HA ST: Rule rejected.
[09/24/07 21:39:36.182]:OID_PROD175_HA ST:Policy returned:
[09/24/07 21:39:36.182]:OID_PROD175_HA ST:
<nds dtdversion="3.5" ndsversion="8.x">
<source>
<product version="3.5.0.20070315 ">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<modify class-name="groupOfUniqueNames"
event-id="RR3K8613-NDS#20070924193935#3#1"
qualified-src-dn="O=HRSOU=RollerCN=Pasientjournal"
src-dn="RH_META_TREEHRSRollerPasientjournal" src-entry-id="33885"
timestamp="0#0">
<association
state="associated">cn=kliniskskrivebord_rh,cn=kata log_groups,cn=groups,dc=rikshospitalet,dc=no</association>
<modify-attr attr-name="uniqueMember">
<remove-value>
<value timestamp="1187916654#1"
type="dn">RH_META_TREEHRSRHAccountDisabledANDKNO</value>
</remove-value>
</modify-attr>
</modify>
</input>
</nds>
[09/24/07 21:39:36.197]:OID_PROD175_HA ST:Submitting document to
subscriber shim:
[09/24/07 21:39:36.197]:OID_PROD175_HA ST:
<nds dtdversion="3.5" ndsversion="8.x">
<source>
<product version="3.5.0.20070315 ">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<modify class-name="groupOfUniqueNames"
event-id="RR3K8613-NDS#20070924193935#3#1"
qualified-src-dn="O=HRSOU=RollerCN=Pasientjournal"
src-dn="RH_META_TREEHRSRollerPasientjournal" src-entry-id="33885"
timestamp="0#0">
<association
state="associated">cn=kliniskskrivebord_rh,cn=kata log_groups,cn=groups,dc=rikshospitalet,dc=no</association>
<modify-attr attr-name="uniqueMember">
<remove-value>
<value timestamp="1187916654#1"
type="dn">RH_META_TREEHRSRHAccountDisabledANDKNO</value>
</remove-value>
</modify-attr>
</modify>
</input>
</nds>
[09/24/07 21:39:36.197]:OID_PROD175_HA ST:OID_PROD175_HA: Opening clear
text connection
[09/24/07 21:39:36.229]:OID_PROD175_HA ST:OID_PROD175_HA: Host name:
oid1.rikshospitalet.no
[09/24/07 21:39:36.229]:OID_PROD175_HA ST:OID_PROD175_HA: Port: 3060
[09/24/07 21:39:36.229]:OID_PROD175_HA ST:OID_PROD175_HA: DN: cn=idm,
cn=Users,dc=rikshospitalet,dc=no
[09/24/07 21:39:36.229]:OID_PROD175_HA ST:OID_PROD175_HA: Protocol
version=3
[09/24/07 21:39:36.229]:OID_PROD175_HA ST:OID_PROD175_HA: SDK version=4.1
[09/24/07 21:39:36.229]:OID_PROD175_HA ST:OID_PROD175_HA: LDAP Modify:
cn=kliniskskrivebord_rh,cn=katalog_groups,cn=group s,dc=rikshospitalet,dc=no
LDAPModification: (operation=delete,(LDAPAttribute:
{type='uniqueMember', value=''}))
[09/24/07 21:39:38.416]:OID_PROD175_HA ST:SubscriptionShim.execute()
returned:
[09/24/07 21:39:38.416]:OID_PROD175_HA ST:
<nds dtdversion="2.0" ndsversion="8.x">
<source>
<product build="20070511_1350 " instance="OID_PROD175_HA"
version="3.5.1">Identity Manager Driver for LDAP</product>
<contact>Novell, Inc.</contact>
</source>
<output>
<status event-id="RR3K8613-NDS#20070924193935#3#1" level="success"/>
</output>
</nds>