Univention Bugzilla – Attachment 7841 Details for
Bug 41864
UCS@school: Allow re-creation of deleted user object with same objectSid in Samba/AD
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
ucs2con_allow_recreation_of_deleted_object_with_same_sAMAccountName_and_objectSid.diff
ucs2con_allow_recreation_of_deleted_object_with_same_sAMAccountName_and_objectSid.diff (text/plain), 2.26 KB, created by
Arvid Requate
on 2016-07-27 14:18:12 CEST
(
hide
)
Description:
ucs2con_allow_recreation_of_deleted_object_with_same_sAMAccountName_and_objectSid.diff
Filename:
MIME Type:
Creator:
Arvid Requate
Created:
2016-07-27 14:18:12 CEST
Size:
2.26 KB
patch
obsolete
>Index: modules/univention/s4connector/s4/__init__.py >=================================================================== >--- modules/univention/s4connector/s4/__init__.py (Revision 70207) >+++ modules/univention/s4connector/s4/__init__.py (Arbeitskopie) >@@ -2422,6 +2422,27 @@ > ud.debug(ud.LDAP, ud.ALL, "sync_from_ucs: addlist: %s" % addlist) > try: > self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls) #FIXME encoding >+ except ldap.ALREADY_EXISTS as ex: >+ sAMAccountName_attr_value = object['attributes'].get('sAMAccountName')[0] >+ objectSid_attr_value = object['attributes'].get('objectSid')[0] >+ objectSid = decode_sid(objectSid_attr_value) >+ if not (sAMAccountName_attr_value and objectSid): >+ raise ## unknown situation >+ filter_s4 = '(&(sAMAccountName=%s)(objectSid=%s)(isDeleted=TRUE))' % (sAMAccountName_attr_value, objectSid) >+ ud.debug(ud.LDAP, ud.WARN, "sync_from_ucs: Error during add, searching for conflicting deleted object in S4. Filter: %s" % filter_s4) >+ result = self.lo_s4.lo.search_ext_s(self.lo_s4.base,ldap.SCOPE_SUBTREE, filter_s4, ['dn'], serverctrls=[LDAPControl(LDAP_SERVER_SHOW_DELETED_OID, criticality=1), LDAPControl(LDB_CONTROL_DOMAIN_SCOPE_OID, criticality=0)]) >+ if not result or len(result)>1: ## the latter would indicate corruption >+ ud.debug(ud.LDAP, ud.WARN,"sync_from_ucs: No conflicting object found.") >+ raise ## unknown situation >+ ud.debug(ud.LDAP, ud.INFO,"sync_from_ucs: Ok, deleting conflicting object: %s"% result[0][0]) >+ self.lo_s4.lo.delete_ext_s(compatible_modstring(result[0][0]), serverctrls=[LDAPControl(LDB_CONTROL_RELAX_OID, criticality=0)]) >+ ## and try again >+ try: >+ self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls) #FIXME encoding >+ except: >+ ud.debug(ud.LDAP, ud.ERROR, "sync_from_ucs: traceback during add object: %s" % object['dn']) >+ ud.debug(ud.LDAP, ud.ERROR, "sync_from_ucs: traceback due to addlist: %s" % addlist) >+ raise > except: > ud.debug(ud.LDAP, ud.ERROR, "sync_from_ucs: traceback during add object: %s" % object['dn']) > ud.debug(ud.LDAP, ud.ERROR, "sync_from_ucs: traceback due to addlist: %s" % addlist)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=7841">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 41864
: 7841 |
7845
|
7846
|
7847