Steps to reproduce:
- configure an Active Directory as a Data Store (using LDAPS)
- add inetUserStatus to the list of LDAP User attributes
- try to create a new User using the Subjects tab
The following stacktrace can be seen in the IdRepo debug logs:
The problem seems to be that although we are mapping the user status attribute, we do not remove the original inetUserStatus attribute from the attributeMap, and AD doesn't know what to do with that attribute. We should remove the default user status attribute when we are mapping it to a data store specific attribute.