Automember lists memberof as possible trigger attribute. However automember rules for memberof do not trigger.
User is not added to group ruletest. A manual automembership rebuild adds the user to ruletest.
User gets added to ruletest immediately.
package ipa-server is not installed
package ipa-client is not installed
Both auto membership plugin and memberof plugin are betxnpostoperation plugins with default plugin precedence of 50. After I added nsslapd-pluginprecedence=60 to cn=Auto Membership Plugin,cn=plugins,cn=config auto membership worked as expected.
cn=Auto Membership Plugin,cn=plugins,cn=config
The issue is relevant for new Fedora Account System.
After I have added and removed nsslapd-pluginprecedence I can no longer reproduce the bug for adding group membership. Instead auto-removal of group membership is broken.
to comment on this ticket.