Bug 40234 - Re-creating a user at a different position doesn't work
Re-creating a user at a different position doesn't work
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: S4 Connector
UCS 4.0
Other Linux
: P5 normal (vote)
: UCS 4.0-4-errata
Assigned To: Stefan Gohmann
Arvid Requate
:
Depends on: 40233
Blocks:
  Show dependency treegraph
 
Reported: 2015-12-12 14:45 CET by Stefan Gohmann
Modified: 2016-07-26 19:31 CEST (History)
0 users

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Gohmann univentionstaff 2015-12-12 14:45:16 CET
Needs to be backported to UCS 4.0.

+++ This bug was initially created as a clone of Bug #40233 +++

In a UCS@school environment, a student has been removed at school A and added at school B. The new student is removed by the connector:

From the logfile:
sync from ucs: [          user] [    delete] cn=studentX,cn=schueler,cn=users,ou=schoolA,DC=test,DC=local
sync from ucs: [          user] [       add] cn=studentX,cn=schueler,cn=users,ou=schoolB,DC=test,DC=local
sync to ucs:   [          user] [    modify] uid=studentX,cn=schueler,cn=users,ou=schoolB,dc=test,dc=local
sync to ucs:   [          user] [    delete] uid=studentX,cn=schueler,cn=users,ou=schoolB,dc=test,dc=local
sync from ucs: [          user] [    delete] CN=studentX,cn=schueler,cn=users,ou=schoolB,DC=test,DC=local
sync to ucs:   [          user] [    delete] uid=studentX,cn=schueler,cn=users,ou=schoolB,dc=test,dc=local
sync from ucs: [          user] [       add] cn=studentX,cn=schueler,cn=users,ou=schoolA,DC=test,DC=local

Since the student has been removed from the internal DN mapping, the user is search via the samaccountname:
__dn_from_deleted_object: get DN from lastKnownParent (CN=schueler,CN=users,OU=schoolA,DC=test,DC=local) and rdn (cn=studentX)
object_from_element: DN of removed object: cn=studentX,CN=schueler,CN=users,OU=schoolA,DC=test,DC=local
_ignore_object: Do not ignore cn=studentX,CN=schueler,CN=users,OU=schoolA,DC=test,DC=local
samaccount_dn_mapping: samaccountname is:studentX
samaccount_dn_mapping: olddn: uid=studentX,cn=schueler,cn=users,ou=schoolA,dc=test,dc=local
samaccount_dn_mapping: newdn: uid=studentX,cn=schueler,cn=users,ou=schoolB,dc=test,dc=local
_ignore_object: Do not ignore uid=studentX,cn=schueler,cn=users,ou=schoolB,dc=test,dc=local
get_ucs_object: object found: uid=studentX,cn=schueler,cn=users,ou=schoolB,dc=test,dc=local
sync to ucs:   [          user] [    delete] uid=studentX,cn=schueler,cn=users,ou=schoolB,dc=test,dc=local
Return  result for DN (uid=studentX,cn=schueler,cn=users,ou=schoolB,dc=test,dc=local)

I think we shouldn't remove the DN mapping while removing the user, see attached patch.

Ticket #2015111821000638
Comment 1 Stefan Gohmann univentionstaff 2015-12-12 20:26:03 CET
Fix: r66294 → in case of a deletion, the premapped DN must be used

YAML: r66296

Test case: r66295 → 52_s4connector/125sync_recreate_user_at_different_position

Waiting for the test results, Jenkins job for 4.0-4errata has been started:
http://jenkins.knut.univention.de:8080/job/UCS-4.0/job/UCS-4.0-4/job/Autotest%20MultiEnv/4/
Comment 2 Stefan Gohmann univentionstaff 2015-12-14 21:43:44 CET
See Bug #40233 for more details. Two more changes:

r66326:
* Don't use the premapped DN in case the sAMAccountName has been
  changed (Bug #40234)

r66328:
* YAML update Bug #40234
Comment 4 Arvid Requate univentionstaff 2015-12-21 16:02:51 CET
Code review: Same as in UCS4.1-0
Update & Test: Ok
Advisory: Ok
Comment 5 Arvid Requate univentionstaff 2015-12-23 11:35:35 CET
<http://errata.software-univention.de/ucs/4.0/377.html>