Univention Bugzilla – Bug 34742
"uid" missing in "attributes"
Last modified: 2014-07-02 11:28:52 CEST
Created attachment 5891 [details] Fix univention-pam/well-known-sid-name-mapping.py +++ This bug was initially created as a clone of Bug #34355 +++ (In reply to Stefan Gohmann from comment #6) > Please have a look at the jenkins tests: > jenkins.knut.univention.de:8080/job/UCS 3.2 Autotest > MultiEnv/358/testReport/ > > For example the following case failed: > 00_base/95rename_administrator The listener module "well-known-sid-name-mapping" is buggy: it wrongly assumes that "uid" is unique. This is and was never true, as "modrdn" can clean to even single-value attributes having multiple values. The new listener now first does a "modrdn", which keeps the old "uid=Administrator" and adds an additional "uid=$RANDOM". The listener module then assumes that on the "move_to" part the uid already contains only the new uid, but only fetches uid[0]='"Administrator" and thus does not trigger the code to set the UCRV users/default/Administrator=uid[1]=$OTHER-UID. The new listener explicitly does a "m" after that to allow listener modules to catch up delayed changes, but "uid" is missing from list of declared list of "attributes": > updating 'cn=Administrators,cn=groups,dc=phahn,dc=dev' command m > handler: well-known-sid-name-mapping (up-to-date)
Also "sambaSid" -> "sambaSID" as the listener compares case-aware.
r49757 | Bug #34742 PAM: trigger well-known-sid-name-mapping univention-pam_7.0.4-28.247.201405030135 doc/errata/staging/2014-04-14-univention-pam.yaml r49760 | Bug #34742 PAM: trigger well-known-sid-name-mapping YAML
The YAML file should have "version: [2]", AFAIS.
r50687 | Bug #34742 PAM: YAML
Code: OK Tests: OK YAML: OK
http://errata.univention.de/ucs/3.2/132.html