diff --git a/branches/ucs-3.0/ucs/management/univention-directory-manager-modules/univention-sync-memberuid b/branches/ucs-3.0/ucs/management/univention-directory-manager-modules/univention-sync-memberuid
index 9ff9aa3..52ec8f3 100755
--- a/branches/ucs-3.0/ucs/management/univention-directory-manager-modules/univention-sync-memberuid
+++ b/branches/ucs-3.0/ucs/management/univention-directory-manager-modules/univention-sync-memberuid
@@ -1,7 +1,10 @@
 #!/usr/bin/python2.6
 #
 # Univention Admin Modules
-#  synchronise attributes uniqueMember and memberUID of group objects
+"""synchronise attributes uniqueMember to memberUID of group objects.
+
+Update the UIDs in memberUid of all groups to match the uid of the objects
+referenced by uniqueMember."""
 #
 # Copyright 2007-2012 Univention GmbH
 #
@@ -30,8 +33,8 @@
 # /usr/share/common-licenses/AGPL-3; if not, see
 # <http://www.gnu.org/licenses/>.
 
-
-import ldap, string, sys
+import ldap
+import sys
 from optparse import OptionParser
 
 import univention.config_registry
@@ -51,7 +54,7 @@ parser.add_option( '-c', '--continue', action = 'store_true',
 
 ( options, arguments ) = parser.parse_args()
 
-ud.init( '/var/log/univention/sync-memberuid.log', 1, 0 )
+ud.init('/var/log/univention/sync-memberuid.log', ud.FLUSH, ud.NO_FUNCTION)
 ud.set_level( ud.ADMIN, options.debug )
 
 baseDN = configRegistry[ 'ldap/base' ]
@@ -67,59 +70,48 @@ groups = lo.search_s( baseDN, ldap.SCOPE_SUBTREE, '(&(objectClass=posixGroup)(ob
 
 if options.test:
 	print 'Test Mode: The following groups have to be modified:'
-for grp in groups:
-	dn, attrs = grp
-	old = []
-	new = []
-	if attrs.has_key( 'memberUid' ):
-		old = attrs[ 'memberUid' ]
+for grp_dn, grp_attrs in groups:
+	old = set(grp_attrs.get('memberUid', ()))
 
-	ud.debug( ud.ADMIN, ud.PROCESS, 'Group: %s' % dn )
-	for uniqueMember in attrs.get( 'uniqueMember', [] ):
+	ud.debug(ud.ADMIN, ud.PROCESS, 'Group: %s' % grp_dn)
+	new = set()
+	memberDns = grp_attrs.get('uniqueMember', ())
+	for uniqueMember in memberDns:
 		try:
 			result = lo.search_s( uniqueMember, ldap.SCOPE_BASE, '(objectclass=*)' )
-		except Exception, e:
-			ud.debug( ud.ADMIN, ud.ERROR, 'reading uid of %s failed: %s' % (uniqueMember, str(e)) )
-			print 'ERROR: cannot read uid of DN %s' % uniqueMember
+		except ldap.NO_SUCH_OBJECT, ex:
+			ud.debug(ud.ADMIN, ud.WARN, 'searching %s failed: %s' % (uniqueMember, ex))
+			print >> sys.stderr, 'WARNING: DN %s not found' % uniqueMember
 			continue
 		if not result:
-			ud.debug( ud.ADMIN, ud.ERROR, 'empty result for uniqueMember %s' % uniqueMember)
-			print 'ERROR: empty result for uniqueMember %s' % uniqueMember
+			ud.debug( ud.ADMIN, ud.WARN, 'empty result for uniqueMember %s' % uniqueMember)
+			print >> sys.stderr, 'WARNING: empty result for uniqueMember %s' % uniqueMember
 			continue
-		uniqueMemberAttrs = result[0][1]
-		if uniqueMemberAttrs.get('uid'):
-			new.append( uniqueMemberAttrs['uid'][0] )
-
-	old.sort()
-	new.sort()
+		_, uniqueMemberAttrs = result[0]
+		uniqueMemberUid = uniqueMemberAttrs.get('uid')
+		if uniqueMemberUid:
+			new.add(uniqueMemberUid[0])
 
 	if old != new:
-		ud.debug( ud.ADMIN, ud.INFO, '  members: %s' % attrs.get( 'uniqueMember', [] ) )
-		ud.debug( ud.ADMIN, ud.INFO, '  old memberUid: %s' % old )
-		ud.debug( ud.ADMIN, ud.INFO, '  new memberUid: %s' % new )
+		ud.debug(ud.ADMIN, ud.INFO, '  members: %s' % memberDns)
+		ud.debug(ud.ADMIN, ud.INFO, '  old memberUid: %s' % old)
+		ud.debug(ud.ADMIN, ud.INFO, '  new memberUid: %s' % new)
 		if options.test:
-			print 'Group:', dn
+			print 'Group:', grp_dn
 			continue
-		add = []
-		for n in new:
-			if not n in old:
-				add.append( n )
+		add = list(new - old)
 		if add:
 			try:
-				lo.modify_s( dn, [ ( ldap.MOD_ADD, 'memberUid', add ) ] )
-			except Exception, e:
-				ud.debug( ud.ADMIN, ud.ERROR, 'adding memberUid entries failed: %s' % str( e ) )
+				lo.modify_s(grp_dn, [(ldap.MOD_ADD, 'memberUid', add)])
+			except ldap.LDAPError, ex:
+				ud.debug(ud.ADMIN, ud.ERROR, 'adding memberUid entries failed: %s' % ex)
 				if not options.cont:
 					sys.exit( 1 )
-		remove = []
-		for o in old:
-			if not o in new:
-				remove.append( o )
+		remove = list(old - new)
 		if remove:
 			try:
-				lo.modify_s( dn, [ ( ldap.MOD_DELETE, 'memberUid', remove ) ] )
-			except Exception, e:
-				ud.debug( ud.ADMIN, ud.ERROR, 'removing memberUid entries failed: %s' % str( e ) )
+				lo.modify_s(grp_dn, [(ldap.MOD_DELETE, 'memberUid', remove)])
+			except ldap.LDAPError, ex:
+				ud.debug(ud.ADMIN, ud.ERROR, 'removing memberUid entries failed: %s' % ex)
 				if not options.cont:
 					sys.exit( 1 )
-