Bug 19101 – Printer Join Skript sollte Master LDAP prüfen

Bug 19101 - Printer Join Skript sollte Master LDAP prüfen


Summary:	Printer Join Skript sollte Master LDAP prüfen

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	Printserver
Version:	UCS 3.0
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 3.2
Assigned To:	Liam Schwez
QA Contact:	Felix Botner

URL:
Keywords:	interim-1

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2010-07-27 08:42 CEST by Tobias Scherer
Modified:	2013-11-19 06:42 CET (History)
CC List:	4 users (show)

See Also:
What kind of report is it?:	---
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Tobias Scherer

2010-07-27 08:42:12 CEST

Aufgefallen an Ticket#: 2010072110000741:

79univention-printserver.inst kann die bestehenden Druckertreiber im LDAP nicht löschen, so dass die neuen, angepassten Pfade nicht hinzugefügt werden können (Object exists). Grund ist, dass in Zeile 128 eine ldapsearch-Abfrage gestartet wird, um die Existenz der alten Druckertreiberlisten zu prüfen. Die Abfrage geht gegen das lokale LDAP, scheitert jedoch da der Container "cn=cups,cn=univention,$ldap_base" nicht auf den Schulservern vorhanden ist.
Hier sollte gegen das LDAP auf dem DC Master geprüft werden.

Comment 1 Markus Dählmann 2010-08-12 13:47:44 CEST

Dieses Problem betrifft auch das Joinskript "79univention-printserver-pdf.inst".

Comment 2 Sönke Schwardt-Krummrich

2013-01-10 12:39:03 CET

Betrifft auch Nicht-UCS@school-Kunden mit selektiver Replikation.

Comment 3 Sönke Schwardt-Krummrich

2013-01-10 12:39:47 CET

In UCS 3.1 weiterhin vorhanden.

Comment 4 Moritz Muehlenhoff

2013-05-31 10:44:17 CEST

We will not ship a UCS 3.1-2 release; the next UCS release will be UCS 3.2.

As such, this bug is moved to the new target milestone.

Comment 5 Liam Schwez

2013-05-31 14:06:06 CEST

Modified "79univention-printserver.inst" and "79univention-printserver-pdf.inst" files in package "univention-printserver". Modified "univention-ldapsearch" request. Added -h "$ldap_master" -p "$ldap_master_port" in order to request LDAP on DC master for checking old printer drivers.

- imported into buildsystem (6.0.25-1)
- built package univention-printserver
- modified changelog "doc/changelog/changelog-3.2.tex" at the section "printing services"

Comment 6 Felix Botner

2013-06-17 15:44:00 CEST

> Hier sollte gegen das LDAP auf dem DC Master geprüft werden.

This does not solve the problem. 
univention-ldapsearch authenticates as default with the computer account to the ldap server. In a school environment the slave has no permissions to read "cn=cups,cn=..." even if you use the master as ldap server.

The univention-ldapsearch lookup should be started with the credentials of the join user, not the computer account.

Comment 7 Liam Schwez

2013-07-16 18:36:45 CEST

Added credentials -D and -w to the "unvention-ldapsearch" query. The credentials will be read out of parameters "$@" with a bash function "getopts". If no --binddn and no --bindpwd parameters specified the ldapsearch query will not use any credentials as parameter.

-added to in 79univention-printserver.inst and to 79univention-printserver-pdf.inst 
- imported into buildsystem 
- installed package (7.0.2.1)

Comment 8 Felix Botner

2013-07-30 13:28:31 CEST

OK - an ucs@school slave can now backup the old printer models (from the 
     master ldap with the join credentials) and create new ones

OK - Changelog

Comment 9 Stefan Gohmann

2013-11-19 06:42:25 CET

UCS 3.2 has been released:
 http://docs.univention.de/release-notes-3.2-en.html
 http://docs.univention.de/release-notes-3.2-de.html

If this error occurs again, please use "Clone This Bug".