From b81adb0bc8ad97fec50fba30454e94858476bad5 Mon Sep 17 00:00:00 2001 From: Noriko Hosoi Date: Jul 30 2015 17:46:51 +0000 Subject: Ticket #48232 - winsync lastlogon attribute not syncing between DS and AD. Bug Description: From Microsoft forum: The DirSync control taps into the replication stream to get the necessary changes. Since lastLogon is not replicated, it isn't available via the DirSync control. Additional notes: The lastLogon attribute is not replicated. In contrast the lastLogontimeStamp attribute is replicated. Fix Description: Instead of lastLogon|lastLogoff, sync lastLogonTimestamp|lastLogoffTimestamp which are the target of DirSync, to ntUserLastLogon|ntUserLastLogoff. https://fedorahosted.org/389/ticket/48232 Reviewed by rmeggins@redhat.com (Thank you, Rich!!) (cherry picked from commit 0db29788e6c1b17f944fcafa368b66580e1e90d5) --- diff --git a/ldap/servers/plugins/replication/windows_protocol_util.c b/ldap/servers/plugins/replication/windows_protocol_util.c index 4cfa20d..5c12af7 100644 --- a/ldap/servers/plugins/replication/windows_protocol_util.c +++ b/ldap/servers/plugins/replication/windows_protocol_util.c @@ -194,8 +194,8 @@ static windows_attribute_map user_attribute_map[] = { { "homeDirectory", "ntUserHomeDir", bidirectional, always, normal}, { "scriptPath", "ntUserScriptPath", bidirectional, always, normal}, - { "lastLogon", "ntUserLastLogon", fromwindowsonly, always, normal}, - { "lastLogoff", "ntUserLastLogoff", fromwindowsonly, always, normal}, + { "lastLogonTimestamp", "ntUserLastLogon", fromwindowsonly, always, normal}, + { "lastLogoffTimestamp", "ntUserLastLogoff", fromwindowsonly, always, normal}, { "accountExpires", "ntUserAcctExpires", bidirectional, always, normal}, { "codePage", "ntUserCodePage", bidirectional, always, normal}, { "logonHours", "ntUserLogonHours", bidirectional, always, normal},