Currently AC Tools always assumes that the authorizable id is equal to the principal name. Jackrabbit does not enforce this equality. In fact Oak uses different authorizable ids and principal names for groups created from the LDAP. Therefore I would propose the following changes:
Currently AC Tools always assumes that the authorizable id is equal to the principal name. Jackrabbit does not enforce this equality. In fact Oak uses different authorizable ids and principal names for groups created from the LDAP. Therefore I would propose the following changes:
rep:principalName
property for both groups and users and to set that accordingly when the YAML is processed.