Univention Bugzilla – Bug 31884
Detection of user changes
Last modified: 2015-01-13 14:49:04 CET
Currently, user changes are detected by comparing the received values from the server and the current values set. This has several drawbacks and does not currently work (as the values CtxBrokenSession="0000" and CtxReconnectSession="0000" are not stored with the user object). It would be better to detect changes via manually changed values (via watch events on widgets).
With this, we could warn in case an edit operation is cancelled.
The bug is worse: It prevents users in "User Password Admins" to change a password of any user with the message "Access denied". Bug #32978 comment 12
(In reply to Florian Best from comment #2) > The bug is worse: It prevents users in "User Password Admins" to change a > password of any user with the message "Access denied". > > Bug #32978 comment 12 … the error "Access denied" occurs as Ctx* values are sent along with the password changes.
I found another one for a user which doesn't have the posix option: "primaryGroup" and "$dn$" are changing. d.getAlteredValues() Object {primaryGroup: "cn=Account Operators,cn=Builtin,dc=ucs,dc=dev", $dn$: "uid=noposix,cn=users,dc=ucs,dc=dev"}
(In reply to Florian Best from comment #4) > I found another one for a user which doesn't have the posix option: > "primaryGroup" and "$dn$" are changing. > > d.getAlteredValues() > Object {primaryGroup: "cn=Account Operators,cn=Builtin,dc=ucs,dc=dev", $dn$: > "uid=noposix,cn=users,dc=ucs,dc=dev"} → I found a bug which already reported this as external feedback: Bug #28383
(In reply to Florian Best from comment #5) > (In reply to Florian Best from comment #4) > > I found another one for a user which doesn't have the posix option: > > "primaryGroup" and "$dn$" are changing. > > > > d.getAlteredValues() > > Object {primaryGroup: "cn=Account Operators,cn=Builtin,dc=ucs,dc=dev", $dn$: > > "uid=noposix,cn=users,dc=ucs,dc=dev"} > → I found a bug which already reported this as external feedback: Bug #28383 err, I meant Bug #37119
As discussed, this way of detecting user changes will not be implemented. (More details at Bug 36700)
As we don't fix this bug I created Bug #37532.