Bug 50768 - misleading or false warnings in diagnostic module for well known SIDs
misleading or false warnings in diagnostic module for well known SIDs
Status: RESOLVED DUPLICATE of bug 46706
Product: UCS@school
Classification: Unclassified
Component: UMC - System diagnostic
UCS@school 4.4
Other Linux
: P5 normal (vote)
: ---
Assigned To: UCS@school maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-02-03 16:27 CET by Christina Scheinig
Modified: 2020-10-20 11:56 CEST (History)
2 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 3: Simply Wrong: The implementation doesn't match the docu
Who will be affected by this bug?: 2: Will only affect a few installed domains
How will those affected feel about the bug?: 1: Nuisance – not a big deal but noticeable
User Pain: 0.034
Enterprise Customer affected?:
School Customer affected?: Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number: 2020012721000139, 2020070721000773
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Christina Scheinig univentionstaff 2020-02-03 16:27:29 CET
A customer gets the following warning in the diagnostic module on a school slave.
Warning: Check "Well known" SIDs
No user or group with SID S-1-5-21-2310927035-1632660085-1980360486-502 found KRBTGT was expected
No user or group with SID S-1-5-21-2310927035-1632660085-1980360486-501 found GUEST was expected

The user is not synced to openldap, because on the slave it is set on the ignorelist:
connector/s4/mapping/user/ignorelist
root,ucs-s4sync,krbtgt,Guest

On environments with samba4 on the master this seems not a problem, because these users are in the openLdap and the users are not on the ignores list. The users are present on the slaves in openLdap.

I think the check expects these users to be present in openLDAP? But they are not in school environments with a master without samba4 installed.
Comment 1 Christian Völker univentionstaff 2020-10-20 11:56:12 CEST

*** This bug has been marked as a duplicate of bug 46706 ***