Bug 36113 - Update replication.py to filter operational (builtin) ppolicy overlay attributes
Update replication.py to filter operational (builtin) ppolicy overlay attributes
Product: UCS
Classification: Unclassified
Component: LDAP
UCS 3.2
Other Linux
: P5 normal (vote)
: UCS 3.2-3-errata
Assigned To: Arvid Requate
Felix Botner
Depends on:
Blocks: 31907 36353
  Show dependency treegraph
Reported: 2014-10-09 20:25 CEST by Arvid Requate
Modified: 2014-10-30 13:52 CET (History)
4 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2014-10-09 20:25:52 CEST
The ppolicy LDAP overlay has a couple of operational (builtin) attributes, which need to be filtered out in replication.py. It's important that this filtering is in place on all UCS DCs *before* the ppolicy overlay gets loaded on any UCS DC master or UCS DC backup, otherwise OpenLDAP will refuse to start on the replicating DCs when it discovers the operational (builtin) attributes in the replicated schema.conf. 

Thus we should ship an errata update for univention-directory-replication and require this to be installed before any system is updated to UCS 4.0.

While we are at it, we might as well also filter out the new operation attributes inherent to the "mdb" database backend.

+++ This bug was initially created as a clone of Bug #31907 +++
Comment 1 Arvid Requate univentionstaff 2014-10-09 20:39:17 CEST
Advisory: 2014-10-09-univention-directory-replication.yaml
Comment 2 Felix Botner univentionstaff 2014-10-15 13:25:31 CEST
Comment 3 Janek Walkenhorst univentionstaff 2014-10-22 16:05:41 CEST