Bug 41745 – univention.admin.uldap doesn't set self.binddn when calling bind manually

Bug 41745 - univention.admin.uldap doesn't set self.binddn when calling bind manually


Summary:	univention.admin.uldap doesn't set self.binddn when calling bind manually

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	UDM (Generic)
Version:	UCS 4.1
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 4.2
Assigned To:	Florian Best
QA Contact:	Philipp Hahn

URL:
Keywords:	interim-1

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2016-07-07 16:02 CEST by Florian Best
Modified:	2017-04-04 18:29 CEST (History)
CC List:	2 users (show)

See Also:	41765 41812 41811
What kind of report is it?:	Bug Report
What type of bug is this?:	3: Simply Wrong: The implementation doesn't match the docu
Who will be affected by this bug?:	3: Will affect average number of installed domains
How will those affected feel about the bug?:	2: A Pain – users won’t like this once they notice it
User Pain:	0.103
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Flags:	best: Patch_Available+

Attachments
patch (678 bytes, patch) 2016-07-08 12:06 CEST, Florian Best	Details \| Diff
patch (3.16 KB, patch) 2016-07-14 13:58 CEST, Florian Best	Details \| Diff
patch (1.50 KB, patch) 2016-07-18 14:42 CEST, Florian Best	Details \| Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Florian Best

2016-07-07 16:02:56 CEST

>>> import univention.admin.uldap
>>> lo = univention.admin.uldap.access(base='dc=foo')
>>> lo.bind('uid=Administrator,cn=users,dc=foo', 'univention')
>>> lo.binddn
''

If given via __init__(binddn=foo, bindpw=bar) they are stored. Otherwise not.
This might have several side effects! In UCS@school lo.binddn is used.

Comment 1 Florian Best

2016-07-08 12:06:22 CEST

Created attachment 7789 [details]
patch

Comment 2 Florian Best

2016-07-14 13:58:36 CEST

Created attachment 7801 [details]
patch

Updated patch. There are several broken places. This currently causes that the joining windows clients into a UCS@school domain they are created in a random school - if the LDAP entries weren't created before.

Comment 3 Florian Best

2016-07-14 14:01:57 CEST

The alternative to fix this is fixing Bug #41765 by adding "-o school=$OU" to the create_windows_computer call in univention_samaccountname_ldap_check.c. This bug should be fixed nevertheless so that lo.binddn can be used by scripts.

Comment 4 Florian Best

2016-07-18 14:42:15 CEST

Created attachment 7810 [details]
patch

Make binddn a property in univention.uldap.access which points to the univention.access.binddn attribute. The other files in the patches are unnecessary then or part of Bug #41812, Bug #41811.

Comment 5 Florian Best

2016-09-06 18:27:20 CEST

univention-directory-manager-modules (12.0.3-1):
r72331 | Bug #41745: use binddn from parent access class

Comment 6 Philipp Hahn

2017-01-23 13:34:58 CET

OK: r72331
OK: No ChangeLog

OK:
import univention.admin.uldap as l
b = l.configRegistry['ldap/base']
lo = l.access(base=b)
dn = 'uid=Administrator,cn=users,%s' % (b,)
lo.bind(dn, 'univention')
assert lo.binddn == dn
assert lo.bindpw == 'univention'
assert lo.host == 'localhost'
assert lo.port == 7389
assert lo.base == b
assert lo.start_tls == 2

Comment 7 Stefan Gohmann

2017-04-04 18:29:36 CEST

UCS 4.2 has been released:
 https://docs.software-univention.de/release-notes-4.2-0-en.html
 https://docs.software-univention.de/release-notes-4.2-0-de.html

If this error occurs again, please use "Clone This Bug".