Description Julia Bremer 2020-11-16 09:18:08 CET

+++ This bug was initially created as a clone of Bug #51929 +++
In Bug #51929 using the ucs-school-user-import with an adconnector and moving the pupils between schools ended up making some of those pupils members of groups of both schools.
The reason was, that the group_member_cache was not correctly updated in a move. 
The user was not found in the group_member_cache and therefore not removed from the group because the user had changed its DN.
This only happens when the adconnector is stopped while making these changes, because multiple sync_from_ucs operations have to happen consecutively without a sync_to_ucs in between.
This was fixed in the adconnector.

During Bug #51929, we created a test case 55_adconnector/504_test_group_cache_after_move which still fails in out adconnector + s4connector setup 
http://jenkins.knut.univention.de:8080/job/UCS-4.4/job/UCS-4.4-6/job/ADConnectorMultiEnv/Version=s4connector-w2k8r2-german/lastCompletedBuild/testReport/55_adconnector/504test_group_cache_after_move/master237/

In the logs one can see that the testuser is not removed from the group because i was not found in the cache. 
11.11.2020 15:26:41.499 LDAP        (PROCESS): group_members_sync_from_ucs: cn=hbtwedcq,dc=autotest237,dc=local was not found in S4 group member cache of cn=ybqkedcr,cn=groups,dc=autotest237,dc=local, don't delete

So the same problem or at least a similar problem exists in the s4connector too and we should fix this as well.