First Last Prev Next    This bug is not in your last search results.
Bug 35096 - UCS in Active Directory domain - Test setup
UCS in Active Directory domain - Test setup
Status: CLOSED FIXED
Product: UCS Test
Classification: Unclassified
Component: Samba
unspecified
Other Linux
: P5 enhancement (vote)
: UCS 4.0-0-errata
Assigned To: Drees Dormann
Stefan Gohmann
:
Depends on: 35913
Blocks: 34091
  Show dependency treegraph
 
Reported: 2014-06-11 08:31 CEST by Stefan Gohmann
Modified: 2015-01-29 11:53 CET (History)
4 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Gohmann univentionstaff 2014-06-11 08:31:21 CEST 
We should add a Jenkins test for this mode.

+++ This bug was initially created as a clone of Bug #34091 +++

It should be possible to run UCS as part of an Active Directory domain. In this case UCS must not provide Kerberos, DNS or Samba domain controller functionality.

The synchronization of users, groups and computers will be done through the UCS AD connector. A password synchronization is not necessary, we will add an overlay module for OpenLDAP which uses the AD Kerberos as password verification backend for simple LDAP bind.

The UCS system should able to provide Samba shares.

Synchronized objects should be marked as synced (objectsuniventionObjectFlag: synced). In the default read mode of the connector it should not be possible to modify the synchronized attributes. The UDM modules property extension should be extended, for example "readonly_when_synced: True", default is False. Furthermore the object creation via UMC should display a warning that this object will not synchronized to AD.
Comment 1 Drees Dormann univentionstaff 2014-12-18 09:26:02 CET 
thx for the info, i applied the patch
Comment 2 Stefan Gohmann univentionstaff 2015-01-19 21:27:04 CET 
OK, the Jenkins jobs are up and running:
 http://jenkins.knut.univention.de:8080/job/UCS-4.0/job/UCS-4.0-0/job/AD%20Member%20MultiEnv/
Comment 3 Arvid Requate univentionstaff 2015-01-21 13:14:40 CET 
This doesn't look good:


Execute: /root/ad-join.py -u Administrator -p Univention@99 -D 10.210.251.192 -A Administrator -P Univention@99
  File "/root/ad-join.py", line 114
    ucr.get('tests/domainadmin/pwd') = options.domain_password
SyntaxError: can't assign to function call


Found in: http://jenkins.knut.univention.de:8080/job/UCS-4.0/job/UCS-4.0-0/job/AD%20Member%20MultiEnv/Mode=module,Version=w2k8r2-english/lastSuccessfulBuild/artifact/autotest-221-admember-w2k8r2-english.log


svn blame points to this Bug.
Comment 4 Drees Dormann univentionstaff 2015-01-21 16:38:36 CET 
fixed setting new password
Comment 5 Stefan Gohmann univentionstaff 2015-01-27 08:34:22 CET 
OK
First Last Prev Next    This bug is not in your last search results.