If an LDAP server had two OU definitions with the same RDN values, if one is disabled, it still might be used.

One use case for this issue is searching for active vs. inactive users. Users that should be active could potentially be set to inactive.

Steps to Reproduce


  1. Create two OU definitions for an LDAP server with the same RDN value.

  2. Set one definition to not active.

  3. Refresh the LDAP values for a user.

  4. Check the logs to see the import set table to which the information was imported.

  5. If this replication does not work, re-enable the OU definition and disable the other one. (Whether the replication is successful depends on which record the query finds first.)




Avoid having two OU definitions with the same RDN values.

Related Problem: PRB630276

Seen In

Eureka Patch 10
Eureka Patch 3 Hot Fix 1
Fuji Patch 11
Fuji Patch 7 Hot Fix 9

Fixed In


