First Last Prev Next    This bug is not in your last search results.
Bug 39365 - GPO rejects SINGLE-VALUE attribute attribute specified more than once versionNumber, gPCUserExtensionNames, gPCMachineExtensionNames
GPO rejects SINGLE-VALUE attribute attribute specified more than once version...
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: S4 Connector
UCS 3.2
Other Linux
: P5 normal (vote)
: UCS 3.2-8-errata
Assigned To: Arvid Requate
Felix Botner
:
Depends on: 37259
Blocks: 38813
  Show dependency treegraph
 
Reported: 2015-09-18 14:43 CEST by Michael Grandjean
Modified: 2015-12-08 12:49 CET (History)
9 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Grandjean univentionstaff 2015-09-18 14:43:51 CEST 
Please provide also a backport for UCS 3.2. This is needed by a customer.

2015091821000133
See also comments 11, 13 an 14 on Bug #37259


+++ This bug was initially created as a clone of Bug #37259 +++

I saw rejects on two customer systems till now ... (2014120121000455, 2014120921000253).

GPO's get rejected with the following Traceback:

09.12.2014 06:25:38,410 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1418057385.014873
09.12.2014 06:25:38,411 LDAP        (PROCESS): sync from ucs: [         msGPO] [    modify] cn={322c2f1e-721d-4ef2-9240-fb72b9d04b63},cn=policies,cn=system,dc=domain,dc=de
09.12.2014 06:25:38,420 LDAP        (ERROR  ): sync_from_ucs: traceback during modify object: cn={322c2f1e-721d-4ef2-9240-fb72b9d04b63},cn=policies,cn=system,dc=domain,dc=de
09.12.2014 06:25:38,420 LDAP        (ERROR  ): sync_from_ucs: traceback due to modlist: [(0, 'versionNumber', set([u'524288']))]
09.12.2014 06:25:38,428 LDAP        (WARNING): sync failed, saved as rejected
	/var/lib/univention-connector/s4/1418057385.014873
09.12.2014 06:25:38,430 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.6/univention/s4connector/__init__.py", line 785, in __sync_file_from_ucs
    or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.6/univention/s4connector/s4/__init__.py", line 2505, in sync_from_ucs
    self.lo_s4.lo.modify_ext_s(compatible_modstring(object['dn']), compatible_modlist(modlist), serverctrls=self.serverctrls_for_add_and_modify)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 808, in modify_ext_s
    return self._apply_method_s(SimpleLDAPObject.modify_ext_s,*args,**kwargs)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 766, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 295, in modify_ext_s
    return self.result(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 422, in result
    res_type,res_data,res_msgid = self.result2(msgid,all,timeout)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 426, in result2
    res_type, res_data, res_msgid, srv_ctrls = self.result3(msgid,all,timeout)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 432, in result3
    ldap_result = self._ldap_call(self._l.result3,msgid,all,timeout)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 96, in _ldap_call
    result = func(*args,**kwargs)
TYPE_OR_VALUE_EXISTS: {'info': '0000200D: SINGLE-VALUE attribute versionNumber on CN={322C2F1E-721D-4EF2-9240-FB72B9D04B63},CN=Policies,CN=System,DC=domain,DC=de specified more than once', 'desc': 'Type or value exists'}


The object itself seems already equal in ldap and s4.
Comment 1 Arvid Requate univentionstaff 2015-11-30 21:16:20 CET 
The patches have been backported to errata3.2-8

Advisory: univention-s4-connector.yaml
Comment 2 Felix Botner univentionstaff 2015-12-01 11:06:02 CET 
debian/univention-s4-connector.postinst
...
if [ "$1" = "configure" -a -n "$2" ] && dpkg --compare-versions "$2" lt 9.0.16-22; then
        /usr/share/univention-s4-connector/adjust_obsolete_gpo_and_wmi_rejects
...

9.0.16-22 is the 4.1 version of univention-s4-connector
Comment 3 Arvid Requate univentionstaff 2015-12-01 12:12:10 CET 
Adjusted.
Comment 4 Philipp Hahn univentionstaff 2015-12-01 15:26:26 CET 
(In reply to Felix Botner from comment #2)
> debian/univention-s4-connector.postinst
> ...
> if [ "$1" = "configure" -a -n "$2" ] && dpkg --compare-versions "$2" lt
> 9.0.16-22; then


[ -a ] is a BASHism.
No need to check for $2 being empty; dpkg has 'lt-nl'

if [ "$1" = configure ] && dpkg --compare-versions "$2" lt-nl 9.0-16-22; then


$ for v in "" 9 10; do set configure "$v" ; [ "$1" = "configure" -a -n "$2" ] && dpkg --compare-versions "$2" lt 9.0.16-22 ; b=$? ; [ "$1" = "configure" ] && dpkg --compare-versions "$2" lt-nl 9.0.16-22 ; c=$? ; echo "$v $b $c"; done
 1 1
9 0 0
10 1 1
Comment 5 Arvid Requate univentionstaff 2015-12-03 17:21:07 CET 
> [ -a ] is a BASHism.

That's good, because it's a bash script.
I backported the patch, so I'll keep it as it is in UCS 4.0-2. If there are any functional problems connected with this, we should fix them in both versions, otherwise it's a bit pointless.
Comment 6 Felix Botner univentionstaff 2015-12-04 09:51:53 CET 
OK - code backported
OK - update with resolvable conflict
OK - installation

OK - univention-s4-connector.yaml
Comment 7 Janek Walkenhorst univentionstaff 2015-12-08 12:49:24 CET 
<http://errata.software-univention.de/ucs/3.2/386.html>
First Last Prev Next    This bug is not in your last search results.