Bug 35480 - Don't replicate old memberof attributes
Don't replicate old memberof attributes
Product: UCS
Classification: Unclassified
Component: Listener (univention-directory-listener)
UCS 3.2
Other Linux
: P5 normal (vote)
: UCS 3.2-3-errata
Assigned To: Arvid Requate
Felix Botner
Depends on:
  Show dependency treegraph
Reported: 2014-07-28 09:03 CEST by Tim Petersen
Modified: 2014-09-10 17:43 CEST (History)
2 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Note You need to log in before you can comment on or make changes to this bug.
Description Tim Petersen univentionstaff 2014-07-28 09:03:51 CEST
Ticket #2014071521000386

If memberof-overlay is disabled, the existing memberOf Attribute turns to an undefined attribute "MEMBEROF" which is findable as meta info (ldapsearch +).

The replication handler uses "*" and "+" as search filter, thus the join of (new) systems fails with an failed.ldif.

You could either:
1. Clean up ldap (remove MEMBEROF)
2. Don't replicate the attribute "MEMBEROF" in replication handler
Comment 1 Arvid Requate univentionstaff 2014-09-04 17:26:02 CEST
Fixed, Advisory: 2014-09-04-univention-directory-replication.yaml
Comment 2 Felix Botner univentionstaff 2014-09-05 12:35:57 CEST
Why not add "MEMBEROF" to the EXCLUDE_ATTRIBUTES list?
Comment 3 Arvid Requate univentionstaff 2014-09-08 11:31:33 CEST
Yes, that's better, adjusted and rebuilt.
Comment 4 Felix Botner univentionstaff 2014-09-08 12:19:58 CEST
OK - slave join with MEMBEROF
OK - 4.0
Comment 5 Janek Walkenhorst univentionstaff 2014-09-10 17:43:09 CEST