Univention Bugzilla – Bug 42131
Reset counter for usernames only possible via ldapmodify for import interface
Last modified: 2019-04-01 00:44:11 CEST
According to Feedback on Ticket#2016082421000167 related to the Import-Interface. The customer asked for a possibility to reset the counter variables for usernames to 0. He was aware of the functionality of the counters but tested around and would like to reset the counters to 0 to going productive. I think a UDM-Module for it would be sufficient. Than everyone who wants to reset the counter in cn=usernameXY,cn=unique-usernames,cn=ucsschool,cn=univention,dc=ldapXY,dc=baseXY can do it at one's own risk. Currently it is only possible via ldapmodify.
There is a Customer ID set so I set the flag "School Customer affected".
Very quick and dirty workaround I used at a customers site. They did one import, none of the users had logged in so far, and realized that the username scheme was wrong. A second import still resulted in a few duplicates so we did this: To get the DNs of all unique usernames without LDAP base (in the customers environment the DNs were too long (more than one line) with their base): univention-ldapsearch | grep "cn=unique-usernames,cn=ucsschool,cn=univention" | sed 's/dn: //' | sed 's/,dc.*//' | tail -n +2 To remove all unique usernames: for i in $(univention-ldapsearch | grep "cn=unique-usernames,cn=ucsschool,cn=univention" | sed 's/dn: //' | sed 's/,dc.*//' | tail -n +2 ); do ldapdelete -D "uid=<ADMIN USER>,cn=users,$(ucr get ldap/base)" -w <PASSWORD> -h localhost -p 7389 "${i},$(ucr get ldap/base)"; done
The subtree to search can be set with "-b" and to only search below it (not include the root itself) set the scope (-s): "-s children". To remove the line wrap pipe through ldapsearch-wrapper. As last arguments supply the attributes you want shown (here only "dn"). "-LLL" to remove metadata and statistics: univention-ldapsearch -LLL -s children -b "cn=unique-usernames,cn=ucsschool,cn=univention,$(ucr get ldap/base)" dn | ldapsearch-wrapper | grep . | cut -d ' ' -f 2 ldapdelete takes a list of DNs as last arguments, so it can be called with all DNs at once, instead of starting it n times. Use "-y" to make it read from a file (if you're on the master and can use cn=admin): ldapdelete -x -D "cn=admin,$(ucr get ldap/base)" -y /etc/ldap.secret -h localhost -p 7389 $(univention-ldapsearch -LLL -s children -b "cn=unique-usernames,cn=ucsschool,cn=univention,$(ucr get ldap/base)" dn | ldapsearch-wrapper | grep . | cut -d ' ' -f 2)
(In reply to Daniel Tröder from comment #3) > ldapdelete -x -D "cn=admin,$(ucr get ldap/base)" -y /etc/ldap.secret -h > localhost -p 7389 $(univention-ldapsearch -LLL -s children -b > "cn=unique-usernames,cn=ucsschool,cn=univention,$(ucr get ldap/base)" dn | > ldapsearch-wrapper | grep . | cut -d ' ' -f 2) This might be error prone if the base DN contains whitespace. Improved suggestion: export IFS=$'\n' ldapdelete -x -D "cn=admin,$(ucr get ldap/base)" -y /etc/ldap.secret \ -h $(ucr get ldap/master) -p 7389 \ $(univention-ldapsearch -LLL -o ldif-wrap=no -s children \ -b "cn=ucsschool,cn=univention,$(ucr get ldap/base)" dn | sed -nre 's/dn: //p')
I implemented a script for a customer, to be able to modify existing counters.
# /usr/share/ucs-school-import/scripts/reset_username_counter --help usage: reset_username_counter [-h] [-e] [-p PATTERN] [-w] UCS@school import unique username/email purge tool optional arguments: -h, --help show this help message and exit -e, --email Purge unique email address counters instead of usernames [default: False]. -p PATTERN, --pattern PATTERN Pattern for LDAP filter to lookup username / email address counters to purge [default: *]. -w, --write Modify the LDAP. Default is False: make a dry-run. -------------------------------------------------------------------------- [4.4] 76d0fe4ba Bug #42131: add script to purge username and email counter ucs-school-import (17.0.5-3)
The script was renamed to "reset_schema_counter". [4.4] de870673c Bug #42131: rename counter putrge script ucs-school-import (17.0.5-4)
Changelog: Typo putrge -> purge Advisory: missing Package installs: OK Script exists and working: OK
Fixed the changelog and added an advisory. [4.4 ce23e9cd4] Bug #42131: advisory
Changelog: OK Advisory: name of script fixed: OK
UCS@school 4.4 v2 has been released. https://docs.software-univention.de/changelog-ucsschool-4.4v2-de.html If this error occurs again, please clone this bug.