Univention Bugzilla – Bug 36334
Installation fails with weird base-dn
Last modified: 2014-12-04 12:23:51 CET
I used the ldap base "st=some,o=wired,l=ldap,cn=base,c=ru" and the installation did not complain. Installation went to 49% and is stuck now. The join.log suggests that the import of the base.ldif failed: root@somewhere:/var/log/univention# cat join.log 5450a45c OVER: Loading Translog Overlay 5450a45c OVER: db_init 5450a45c OVER: Configuring Translog Overlay 5450a45c OVER: Configured Translog Overlay to use file "/var/lib/univention-ldap/listener/listener" slapadd: dn="st=some,o=wired,l=ldap,cn=base,c=ru" (line=1): (65) no structural object class provided 5450a45c OVER: db_close 5450a45c OVER: db_destro
PT UCS-4.0: My LDAP base "ou=Linux,o=World Domination,l=Gießen,st=Hessen,c=DE" is rejected: > Invalid LDAP base! > Expected format: > dc=mydomain,dc=intranet because it contains a blank, which is a valid character. The error message from ./umc/js/setup/ApplianceWizard.js:206 doesn't provide any hint why the DN is rejected. The VM is now stuck in an endless-loop with "slapd" running, but not answering: > Configure /usr/lib/univention-install/05univention-bind.inst > /usr/share/univention-admin-tools/univention-dnsedit: timeout while trying to contact LDAP server h70.phahn.pt No network is configures, so h70.phahn.pt resolved to 10.200.17.76 which is unreachable. Next try was "c=Univention", which is accepted by System-Setup, but rejected by slapdtest: > /etc/ldap/slapd.conf: line 113: <rootdn> invalid DN 21 (Invalid syntax) > rootdn "c=Univention" ('c' is short for 'countryName' and should be used with 2-letter code) > univention-ldapsearch -xLLLo ldif-wrap=no -s base -b cn=Subschema attributeTypes | grep countryName > attributeTypes: ( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC 'RFC2256: ISO-3166 country 2-letter code' SUP name SINGLE-VALUE ) The VM is again stuck, but slapd is not even running.
Respecting the rules from base/univention-installer/installer/modules/50_basis.py (under 3.x), system setup is now using the following regular expression: > ^(dc|cn|c|o|l)=[a-zA-Z0-9-]+(,(dc|cn|c|o|l)=[a-zA-Z0-9-]+)+$ This should be fine, AFAIS. Fixed [r56423,56424]. univention-system-setup (8.1.65-38): * Bug #36334: adjust validation of LDAP base
univention-system-setup (8.1.65-39): * Bug #36334: corrected regular expression for LDAP base
Added YAML file entry [r56424].
Fix: OK, invalid DN's are rejected by backend and frontend(tooltip). Valid DN's are still working (even dc=0,dc=-). Multiple RDN's are accepted. Error-Message[DE|EN]: OK, german contains english RDN-string but okay YAML: OK
http://errata.univention.de/ucs/4.0/2.html