Bug 47862 – 20univention-directory-policy fails if computer object was created in umc computer module

Bug 47862 - 20univention-directory-policy fails if computer object was created in umc computer module


Summary:	20univention-directory-policy fails if computer object was created in umc com...

Status:	RESOLVED WONTFIX

Product:	UCS
Classification:	Unclassified
Component:	UMC - Computers
Version:	UCS 4.3
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	UMC maintainers
QA Contact:	UMC maintainers

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2018-09-26 11:44 CEST by Jannik Ahlers
Modified:	2021-05-14 16:34 CEST (History)
CC List:	2 users (show)

See Also:	46919 48984
What kind of report is it?:	Bug Report
What type of bug is this?:	5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?:	1: Will affect a very few installed domains
How will those affected feel about the bug?:	3: A User would likely not purchase the product
User Pain:	0.086
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jannik Ahlers

2018-09-26 11:44:05 CEST

The umc computer module creates new slaves at the postition 'cn=computers,dc=mydomain,dc=intranet'. But the computer object has to be in position 'cn=dc,cn=computers,dc=mydomain,dc=intranet' for the joinscript 20univention-directory-policy to work.
Therefore the join fails if the slave object was created in umc.



Configure 20univention-directory-policy.inst Mon Sep 24 18:02:55 CEST 2018
2018-09-24 18:02:55.754960355+02:00 (in joinscript_init)
could not open policy for cn=testslave,cn=computers,dc=mydomain,dc=intranet

could not open policy for cn=testslave,cn=computers,dc=mydomain,dc=intranet

failed to execute univention_policy_result
run-parts: /usr/lib/univention-directory-policy/univention-policy-maintenance exited with return code 49
could not open policy for cn=testslave,cn=computers,dc=mydomain,dc=intranet

failed to execute univention_policy_result

run-parts: /usr/lib/univention-directory-policy/univention-policy-repository-sync exited with return code 1
could not open policy for cn=testslave,cn=computers,dc=mydomain,dc=intranet

univention-policy-set-repository-server: FAIL: failed to execute `univention_policy_result'

run-parts: /usr/lib/univention-directory-policy/univention-policy-set-repository-server exited with return code 1
could not open policy for cn=testslave,cn=computers,dc=mydomain,dc=intranet

run-parts: /usr/lib/univention-directory-policy/univention-policy-update-config-registry exited with return code 1

__JOINERR__:FAILED: /usr/lib/univention-install/20univention-directory-policy.inst


**************************************************************************
* Join failed!                                                           *
* Contact your system administrator                                      *
**************************************************************************
* Message:  Please visit https://help.univention.com/t/8842 for common problems during the join and how to fix them -- FAILED: 20univention-directory-policy.inst
**************************************************************************

Comment 1 Florian Best

2019-03-11 20:11:10 CET

The problem why it fails are probably the LDAP ACL's because they apply only to the sub containers.

The trello card suggest to change the default location where DC Slaves are created. This would basically be Bug #46919 / Bug #36651.

Comment 2 Florian Best

2019-03-13 17:24:33 CET

(In reply to Florian Best from comment #1)
> The problem why it fails are probably the LDAP ACL's because they apply only
> to the sub containers.
> 
> The trello card suggest to change the default location where DC Slaves are
> created. This would basically be Bug #46919 / Bug #36651.
From Trello:
"""
Ziel der Karte sollte sein, dass beim Hinzufügen über UMC der Container "richtig" vorgeschlagen wird.
"""

Comment 3 Florian Best

2019-03-18 15:29:32 CET

I will reset the user pain. We fixed Bug #46919 if this is still a problem then, we can see what we can do here.

Comment 4 Ingo Steuwer

2021-05-14 15:42:52 CEST

This issue has been filed against UCS 4.3.

UCS 4.3 is out of maintenance and many UCS components have changed in later releases. Thus, this issue is now being closed.

If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen it and update the UCS version. In this case please provide detailed information on how this issue is affecting you.