Univention Bugzilla – Bug 35521
UDM group name syntax too strict for standard french AD group names
Last modified: 2014-09-10 17:40:11 CEST
The current UDM syntax for group names is too strict e.g. for french AD group names. In the AD-Connector log I see the following traceback: InvalidSyntax: Name: Value may not contain other than numbers , letters and dots! (cn=Contrôleurs de domaine d’entreprise en lecture seule,cn=users,dc=w2k12,dc=test) As a workaround one can ucr set directory/manager/web/modules/groups/group/properties/name/syntax=string and restart the AD Connector. But maybe it would be better to adjust the univention.admin.syntax.gid to allow more chracters (like we have done for the username).
Created attachment 6029 [details] test_group_syntax.py Example script.
*** Bug 35479 has been marked as a duplicate of this bug. ***
The UDM group name syntax has been adapted: UCS 3.2-3: r53238 + r53240 UCS 4.0: r53239 + r53241 YAML: r53242
OK - AD takeover with a french AD works just fine -> udm groups/group list | grep DN DN: cn=Utilisateurs du modèle COM distribué,cn=Builtin,dc=w2k12,dc=test DN: cn=Contrôleurs de domaine,cn=groups,dc=w2k12,dc=test DN: cn=Contrôleurs de domaine en lecture seule,cn=groups,dc=w2k12,dc=test DN: cn=Invités,cn=Builtin,dc=w2k12,dc=test DN: cn=Duplicateurs,cn=Builtin,dc=w2k12,dc=test DN: cn=Ordinateurs du domaine,cn=groups,dc=w2k12,dc=test DN: cn=Lecteurs des journaux d’événements,cn=Builtin,dc=w2k12,dc=test DN: cn=Groupe d’accès d’autorisation Windows,cn=Builtin,dc=w2k12,dc=test DN: cn=Serveurs de licences des services Terminal Server,cn=Builtin,dc=w2k12,dc=test DN: cn=Opérateurs de sauvegarde,cn=Builtin,dc=w2k12,dc=test DN: cn=Générateurs d’approbations de forêt entrante,cn=Builtin,dc=w2k12,dc=test DN: cn=Éditeurs de certificats,cn=groups,dc=w2k12,dc=test DN: cn=Serveurs RAS et IAS,cn=groups,dc=w2k12,dc=test DN: cn=IIS_IUSRS,cn=Builtin,dc=w2k12,dc=test DN: cn=Accès DCOM service de certificats,cn=Builtin,dc=w2k12,dc=test DN: cn=Utilisateurs,cn=Builtin,dc=w2k12,dc=test DN: cn=DnsUpdateProxy,cn=groups,dc=w2k12,dc=test description: DNS clients who are permitted to perform dynamic updates on behalf of some other clients (such as DHCP servers). DN: cn=Utilisateurs de gestion à distance,cn=Builtin,dc=w2k12,dc=test DN: cn=Contrôleurs de domaine clonables,cn=users,dc=w2k12,dc=test DN: cn=Serveurs Accès Distant RDS,cn=Builtin,dc=w2k12,dc=test DN: cn=Serveurs RDS Endpoint,cn=Builtin,dc=w2k12,dc=test DN: cn=Serveurs Gestion RDS,cn=Builtin,dc=w2k12,dc=test DN: cn=WinRMRemoteWMIUsers__,cn=users,dc=w2k12,dc=test DN: cn=testgroup,cn=users,dc=w2k12,dc=test DN: cn=Administrateurs Hyper-V,cn=Builtin,dc=w2k12,dc=test OK - UCS 4.0-0 OK - YAML
http://errata.univention.de/ucs/3.2/197.html