Univention Bugzilla – Bug 45287
'Account deactivation' and 'Locked login methods' can't be set at once
Last modified: 2017-11-21 11:56:31 CET
If I set 'Account deactivation' to 'All disabled' and 'Locked login methods' to 'Lock all login methods' in one step, the option 'Account deactivation' is set to 'POSIX and Kerberos disabled'.
*** Bug 33394 has been marked as a duplicate of this bug. ***
*** Bug 24185 has been marked as a duplicate of this bug. ***
Made the bug more relevant, because its duplicate Bug #24185 is the reason for Bug #42913, which is an important school bug.
The difference which would be correct afterwards: -shadowExpire: 17449 +shadowExpire: 1
Please reactivate (make it fail, not just print an error message) ucs-test-ucsschool/90_ucsschool/216_import-users_delete_variants (around line 156) when this is fixed.
The problem was, that sambaAcctFlags was changed multiple times in the modlist and didn't contain the "D" afterwards. I unified the setting of sambaAcctFlags in one central place. univention-directory-manager-modules (12.0.18-10): NONE | Bug #45287: Merge branch 'fbest/45287-samba-acct-flags-wrong-after-locked-and-disabled-changed' into 4.2-2 NONE | Bug #45287: the sambaAcctFlags are now correctly set when "locked" and "deactivated" is set at once during modification of user objects univention-directory-manager-modules.yaml: NONE | Bug #45287: Merge branch 'fbest/45287-samba-acct-flags-wrong-after-locked-and-disabled-changed' into 4.2-2 NONE | YAML Bug #45287
I think this broke something on memberservers: http://jenkins.knut.univention.de:8080/job/UCSschool%204.2/job/UCSschool%204.2%20Multiserver/SambaVersion=s4-school-only-with-memberserver/206/
(In reply to Daniel Tröder from comment #7) > I think this broke something on memberservers: > http://jenkins.knut.univention.de:8080/job/UCSschool%204.2/job/UCSschool%204. > 2%20Multiserver/SambaVersion=s4-school-only-with-memberserver/206/ What exactly are you referring to? All the tests fail because: Warning: 'univention-samba4-dns' is not configured. And the system is not correctly joined anymore. → This is probably caused by the erratum yesterday: Bug #45439?!
OK: code OK: advisory OK: test: added (commit c6a7fdca) the ucs-test 61_udm-users/37_user_modification_set_deactivation_and_locked which fails with u-d-m-modules < 12.0.18-10 and succeeds with u-d-m-modules 12.0.18-10.
check_errata_for_release says: [FAIL] changes.valid: Mismatching binary package version: 12.0.18-10A~4.2.0.201709261808 != python-univention-directory-manager 12.0.18-11A~4.2.0.201710091208 from univention-directory-manager-modules 12.0.18-11A~4.2.0.201710091208 I guess the version in the advisory doesn't match the latest changelog/build?
done.
<http://errata.software-univention.de/ucs/4.2/190.html>
For the search: LDAP Error: Constraint violation: sambaAcctFlags: multiple values provided Reported again, version/erratalevel: 197 version/patchlevel: 1 version/releasename: Lesum version/version: 4.2