First Last Prev Next    This bug is not in your last search results.
Bug 34983 - OU admins outside cn=admins do not count as full ou admins, cannot create working groups
OU admins outside cn=admins do not count as full ou admins, cannot create wor...
Status: RESOLVED WORKSFORME
Product: UCS@school
Classification: Unclassified
Component: UMC - Classes / Teachers / Workgroup assignment
UCS@school 3.2 R2
Other Linux
: P5 normal (vote)
: UCS@school 3.x
Assigned To: Bugzilla Mailingliste
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-05-27 02:39 CEST by Dirk Wiesenthal
Modified: 2016-06-15 11:04 CEST (History)
3 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Dirk Wiesenthal univentionstaff 2014-05-27 02:39:28 CEST 
Die Anfrage konnte nicht ausgeführt werden.
Fehlernachricht des Servers:
Das Kommando ist fehlgeschlagen: Die Gruppe konnte nicht erstellt werden (Zugriff verweigert.).
Comment 1 Florian Best univentionstaff 2014-05-27 08:36:55 CEST 
The school admin have to be underneath of /base/$OU/users/admins/.
Comment 2 Florian Best univentionstaff 2014-05-27 08:51:04 CEST 
FYI: 6.1.3. Anlegen von Benutzerkonten für Schuladministratoren
http://docs.univention.de/ucsschool-handbuch-3.2.html#school:importusers:schooladmins
Comment 3 Dirk Wiesenthal univentionstaff 2014-05-27 11:06:08 CEST 
Oh, I did not know that. Now it works. But everything else except working groups were okay (e.g. computer rooms)! This is very counter intuitive (and shows that the ACLs seem to handle those cases differently).

Another problem is:

 Sollte der Schuladministrator auch als Lehrer tätig sein, muss zusätzlich die Gruppe lehrer-OU, also z.B. lehrer-gym17, hinzugefügt werden. 

This will probably cause some other problems, as teachers are identified by the container they live in. So adding an admin to the teachers group will most probably not list her in any teacher-search widget, etc.

REOPENED, not because this is a real bug (as ou admins creation is documented) but because there are general issues with users identified by the container.
Comment 4 Florian Best univentionstaff 2016-06-15 11:04:19 CEST 
Users aren't identified by container anymore in UCS@school 4.1R2.
First Last Prev Next    This bug is not in your last search results.