Univention Bugzilla – Bug 49590
ADC Traceback in password_sync_ucs: "TypeError: Odd-length string" / Hash UCS: NO PASSWORDXXXXXX
Last modified: 2021-09-15 18:07:59 CEST
Patch? diff --git a/services/univention-ad-connector/modules/univention/connector/ad/password.py b/services/univention-ad-connector/modules/univention/connector/ad/password.py index 7a97f986e4..044890edee 100644 --- a/services/univention-ad-connector/modules/univention/connector/ad/password.py +++ b/services/univention-ad-connector/modules/univention/connector/ad/password.py @@ -245,6 +245,7 @@ def password_sync_ucs(connector, key, object): if pwd in ['NO PASSWORDXXXXXX', 'NO PASSWORD*********************']: ud.debug(ud.LDAP, ud.PROCESS, "The sambaNTPassword hash is set to %s. Skip the synchronisation of this hash to AD." % pwd) + return res = connector.lo_ad.lo.search_s(univention.connector.ad.compatible_modstring(object['dn']), ldap.SCOPE_BASE, '(objectClass=*)', ['pwdLastSet', 'objectSid']) pwdLastSet = None
This happend after upgrade from 4.2 (?) to 4.4 (see Ticket 2019042421000374)
Is there the possibility to have a workaround? ie by re-setting the user's password in AD? Or modifying users through udm?
Both should work.
Changing the Password via Win 10 will lead to this situation. Re-/Changing the password has no effect. UCS 4.4-1 as member in MS/AD
Another Customer (Partner) complaints the missing patch. Find details in ticket 2021020921000259 and corresponding.
https://git.knut.univention.de/univention/ucs/-/tree/arequate/bug49590-password_sync_ucs-NO-PASSWORDXXXXXX
Ticket 2020121821000706 reported other peculiarities: - Come customer had: NO PASSWORDXXXXXXX (Note: 7xX !?) - In UCS: /usr/share/univention-heimdal/kerberos_now: if not attrs['sambaNTPassword'][0] == "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX":
8805e3f590 | Skip sambaNTPassword sync if invalid 4356de7313 | Advisory
OK: skipping of various invalid password values OK: advisory OK: Code review & comments
<https://errata.software-univention.de/#/?erratum=4.4x1047>