Bug 35572 - guess_ad_domain_language() is broken
guess_ad_domain_language() is broken
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: AD Connector
UCS 3.2
Other Linux
: P5 normal (vote)
: UCS 3.2-3-errata
Assigned To: Stefan Gohmann
Felix Botner
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-08-05 14:15 CEST by Felix Botner
Modified: 2014-09-10 17:33 CEST (History)
2 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Felix Botner univentionstaff 2014-08-05 14:15:31 CEST
After ad connector configuration with a english ad i have 

 connector/ad/mapping/group/language=de

guess_ad_domain_language() runs adsearch on 'cn=Domänen-Admins' and checks the return value (== 0 -> de, else -> en). But the univention-adsearch tool always returns 0 even if the filter does not match.

-> univention-adsearch cn=sadsa;echo $?
#
# univention-adsearch
# filter: cn=sadsa
#

#
# results: 0
#

0

Maybe adsearch() has to filter the output (grep DN:)?

After this, i have two "domain users", "domain guest", ... groups in my ad (sync mode) and rejects.

-> univention-connector-list-rejected 

        UCS rejected

    1:   UCS DN: cn=Domain Guests,cn=groups,dc=w2k8r2en,dc=test
          AD DN: cn=domain guests,cn=users,dc=w2k8r2en,dc=test
         Filename: /var/lib/univention-connector/ad/1407240130.637801

    2:   UCS DN: cn=Domain Users,cn=groups,dc=w2k8r2en,dc=test
          AD DN: cn=domain users,cn=users,dc=w2k8r2en,dc=test
         Filename: /var/lib/univention-connector/ad/1407240133.067947

    3:   UCS DN: cn=Domain Users,cn=groups,dc=w2k8r2en,dc=test
          AD DN: cn=domain users,cn=users,dc=w2k8r2en,dc=test
         Filename: /var/lib/univention-connector/ad/1407240267.797758

    4:   UCS DN: cn=Domain Users,cn=groups,dc=w2k8r2en,dc=test
          AD DN: cn=domain users,cn=users,dc=w2k8r2en,dc=test
         Filename: /var/lib/univention-connector/ad/1407240339.504276


AD rejected
Comment 1 Felix Botner univentionstaff 2014-08-05 14:17:28 CEST
After 

 ucr set connector/ad/mapping/group/language='en'

the rejects are gone.
Comment 2 Stefan Gohmann univentionstaff 2014-09-02 10:44:10 CEST
I've fixed the function guess_ad_domain_language(). The function is also called at a later point otherwise the SSL configuration is not ready.
UCS 3.2-3: r53229
UCS 4.0: r53230
YAML: r53231
Comment 3 Felix Botner univentionstaff 2014-09-02 17:34:05 CEST
OK - AD conn with german AD
OK - AD conn with english AD

OK - YAML
OK - UCS 4.0
Comment 4 Janek Walkenhorst univentionstaff 2014-09-10 17:33:22 CEST
http://errata.univention.de/ucs/3.2/186.html