First Last Prev Next    This bug is not in your last search results.
Bug 46357 - Migrate person only accounts to address book entries
Migrate person only accounts to address book entries
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: UDM (Generic)
UCS 4.3
Other Linux
: P5 normal (vote)
: UCS 4.3
Assigned To: Arvid Requate
Felix Botner
: interim-3
Depends on: 45842
Blocks: 46117
  Show dependency treegraph
 
Reported: 2018-02-21 07:26 CET by Stefan Gohmann
Modified: 2018-03-14 14:38 CET (History)
1 user (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Gohmann univentionstaff 2018-02-21 07:26:54 CET 
See Bug #46117. The migration script should migrate the person only objects to address book entries.

The diagnostic module should honor it as well.
Comment 1 Arvid Requate univentionstaff 2018-02-26 13:23:42 CET 
Ok, I adjusted the migration script so users created with "person" option only will not be upgraded to a full user. I just change univentionObjectType to users/contact. Changelog enty not required, I think, that's covered by Bug 45842.
Comment 2 Felix Botner univentionstaff 2018-02-27 11:21:12 CET 
OK

# contact, users, four.two
dn: uid=contact,cn=users,dc=four,dc=two
displayName: contact
uid: contact
objectClass: person
objectClass: univentionPWHistory
objectClass: univentionObject
objectClass: organizationalPerson
objectClass: top
objectClass: inetOrgPerson
sn: contact
cn: contact
univentionObjectType: users/contact
Comment 3 Johannes Keiser univentionstaff 2018-03-02 21:31:59 CET 
As discussed the migration script needs to be adjusted.

The rdn for a users/contact object is the firstname(optional) and lastname
concatenated plus a running number for every object with the same firstname+lastname. e.g.:

cn=Max Meier 1,cn=users,dc=mydomain,dc=intranet
cn=Max Meier 2,cn=users,dc=mydomain,dc=intranet
cn=Max Meier 1,cn=other_users,dc=mydomain,dc=intranet

The migration script changes the object type but the rdn is still uid=***.
Comment 4 Arvid Requate univentionstaff 2018-03-05 17:35:08 CET 
c76378ed74 | rename uid= to cn= when migrating users/user to users/contact
b9bdcbd7c7 | changelog-4.3-0.xml

That way we have a) cn unique and b) we don't lose customer provided identity information. After that cn is multivalue (old value and uid). Manual renaming via UMC makes it single value again.
Comment 5 Felix Botner univentionstaff 2018-03-06 14:15:30 CET 
added four contacts

uid=username,cn=users,dc=fb,dc=bf
uid=username2,cn=users,dc=fb,dc=bf
uid=username3,cn=users,dc=fb,dc=bf
uid=username4,cn=users,dc=fb,dc=bf

-> /usr/share/univention-directory-manager-tools/univention-migrate-users-to-ucs4.3 --check
Ignoring non users/user account: uid=sys-idp-user,cn=users,dc=fb,dc=bf
Renaming uid=username,cn=users,dc=fb,dc=bf to cn=username,cn=users,dc=fb,dc=bf
Modifying  cn=username,cn=users,dc=fb,dc=bf
[('univentionObjectType', 'users/user', 'users/contact')]

Renaming uid=username2,cn=users,dc=fb,dc=bf to cn=username,cn=users,dc=fb,dc=bf
Modifying  cn=username,cn=users,dc=fb,dc=bf
[('univentionObjectType', 'users/user', 'users/contact')]

Renaming uid=username3,cn=users,dc=fb,dc=bf to cn=username,cn=users,dc=fb,dc=bf
Modifying  cn=username,cn=users,dc=fb,dc=bf
[('univentionObjectType', 'users/user', 'users/contact')]

Renaming uid=username4,cn=users,dc=fb,dc=bf to cn=username,cn=users,dc=fb,dc=bf
Modifying  cn=username,cn=users,dc=fb,dc=bf
[('univentionObjectType', 'users/user', 'users/contact')]


-> /usr/share/univention-directory-manager-tools/univention-migrate-users-to-ucs4.3 

Ignoring non users/user account: uid=sys-idp-user,cn=users,dc=fb,dc=bf
Renaming uid=username,cn=users,dc=fb,dc=bf to cn=username,cn=users,dc=fb,dc=bf
Modifying  cn=username,cn=users,dc=fb,dc=bf
[('univentionObjectType', 'users/user', 'users/contact')]

Renaming uid=username2,cn=users,dc=fb,dc=bf to cn=username,cn=users,dc=fb,dc=bf
Traceback (most recent call last):
  File "/usr/share/univention-directory-manager-tools/univention-migrate-users-to-ucs4.3", line 471, in <module>
    Migration()
  File "/usr/share/univention-directory-manager-tools/univention-migrate-users-to-ucs4.3", line 79, in __init__
    self.migrate_users()
  File "/usr/share/univention-directory-manager-tools/univention-migrate-users-to-ucs4.3", line 162, in migrate_users
    self.rename(dn, newdn)
  File "/usr/share/univention-directory-manager-tools/univention-migrate-users-to-ucs4.3", line 349, in rename
    lo.rename(dn, newdn, serverctrls=serverctrls, ignore_license=True)
  File "/usr/lib/pymodules/python2.7/univention/admin/uldap.py", line 528, in rename
    raise univention.admin.uexceptions.ldapError(_err2str(msg), original_exception=msg)
univention.admin.uexceptions.ldapError: Already exists



contact cn's should be firstname + lastname + once (username or counter)
if firstname is none, use username instead
if lastname is none, use username instead
Comment 6 Felix Botner univentionstaff 2018-03-06 14:16:50 CET 
(In reply to Felix Botner from comment #5)

> contact cn's should be firstname + lastname + once (username or counter)
> if firstname is none, use username instead
> if lastname is none, use username instead

lastname is q mandatory attribute, so this should always exist
Comment 7 Arvid Requate univentionstaff 2018-03-06 17:30:52 CET 
Ok, I have adjusted the script to generate this:

Renaming uid=user25,cn=users,dc=ar41i1,dc=qa to cn=first25 name25 (user25),cn=users,dc=ar41i1,dc=qa
Modifying  cn=first25 name25 (user25),cn=users,dc=ar41i1,dc=qa
[('cn',
  ['first25 name25', 'first25 name25 (user25)'],
  ['first25 name25 (user25)']),
 ('univentionObjectType', 'users/user', 'users/contact')]


Package: univention-directory-manager-modules
Version: 13.0.21-11A~4.3.0.201803061729
Branch: ucs_4.3-0
Comment 8 Felix Botner univentionstaff 2018-03-07 17:08:06 CET 
OK

these old user objects (contact only)

dn: uid=username,cn=users,dc=four,dc=three
displayName: Vornam Nachname
uid: username

dn: uid=username2,cn=users,dc=four,dc=three
displayName: Vornam Nachname
uid: username2

# username3, users, four.three
dn: uid=username3,cn=users,dc=four,dc=three
displayName: Vornam Nachname
uid: username3

dn: uid=userÖÄ)\3D)(\3D ÄÖ'ÄÖ,cn=users,dc=four,dc=three
displayName: Vornam Nachname
uid: userÖÄ)\3D)(\3D ÄÖ'ÄÖ

are migrated to contacts:

udm users/contact list| grep DN
DN: cn=Vorname Nachname (username),cn=users,dc=four,dc=three
DN: cn=Vorname Nachname (username2),cn=users,dc=four,dc=three
DN: cn=Vorname Nachname (username3),cn=users,dc=four,dc=three
DN: cn=Vorname Nachname (userÖÄ)\3D)(\3D ÄÖ'ÄÖ),cn=users,dc=four,dc=three
Comment 9 Stefan Gohmann univentionstaff 2018-03-14 14:38:07 CET 
UCS 4.3 has been released:
 https://docs.software-univention.de/release-notes-4.3-0-en.html
 https://docs.software-univention.de/release-notes-4.3-0-de.html

If this error occurs again, please use "Clone This Bug".
First Last Prev Next    This bug is not in your last search results.