Univention Bugzilla – Bug 43350
UDM users should not be able to remove own LDAP object
Last modified: 2018-04-13 13:29:07 CEST
Happened in Web UDM but should also affect UDM CLI:
A domain admin (foo) was logged on in UMC and opened the "users" module and removed its own user object (uid=foo). This leads to LDAP inconsistencies, because the group memberships are modified in ldap_post_remove and the modification is rejected because the LDAP user of the lo object does not exist any longer.
- the user "foo" is removed
- memberUid and uniqueMember entries are still present at all groups the user
was a member of
Duplicate of Bug #42526 which has a patch attached.
*** This bug has been marked as a duplicate of bug 42526 ***