First Last Prev Next    This bug is not in your last search results.
Bug 46756 - [4.2] ucs-school-ntlm-auth uses the master to authenticate in @school environments instead of local slave
[4.2] ucs-school-ntlm-auth uses the master to authenticate in @school environ...
Status: CLOSED FIXED
Product: UCS@school
Classification: Unclassified
Component: Radius
UCS@school 4.2
Other Linux
: P5 normal (vote)
: UCS@school 4.2 v8
Assigned To: Daniel Tröder
Jürn Brodersen
:
Depends on: 46531
Blocks:
  Show dependency treegraph
 
Reported: 2018-03-28 16:15 CEST by Daniel Tröder
Modified: 2018-04-06 22:09 CEST (History)
4 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 3: Simply Wrong: The implementation doesn't match the docu
Who will be affected by this bug?: 2: Will only affect a few installed domains
How will those affected feel about the bug?: 3: A User would likely not purchase the product
User Pain: 0.103
Enterprise Customer affected?:
School Customer affected?: Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number: 2018030621000751
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Tröder univentionstaff 2018-03-28 16:15:08 CEST 
Merge changes to UCS@school 4.3 from Bug #46531 into 4.2.

+++ This bug was initially created as a clone of Bug #46531 +++

In a customer school environment, the master was not reachable.
The login via wifi did not work, though the radius-server was reachable and was configured to authenticate against the local slave ldap.

In /etc/freeradius/modules/ldap the school-slave is configured

But in /usr/bin/ucs-school-ntlm-auth

ldapConnection = univention.uldap.getMachineConnection() is used. 
→ getMachineConnection() always uses the master if ldap_master=False is not passed.
Comment 1 Daniel Tröder univentionstaff 2018-03-28 16:22:39 CEST 
[4.2 0f4f8578] Bug #46756: use local LDAP server
[4.2 e84063a9] Bug #46756: advisory

ucs-school-radius-802.1x (6.0.1-4)
Comment 2 Jürn Brodersen univentionstaff 2018-04-03 15:48:20 CEST 
Test: 72_radius_authentication -> OK
YAML -> OK

-> Verified
Comment 3 Sönke Schwardt-Krummrich univentionstaff 2018-04-06 22:09:04 CEST 
UCS@school 4.2 v8 has been released.

https://docs.software-univention.de/changelog-ucsschool-4.2v8-de.html

If this error occurs again, please clone this bug.
First Last Prev Next    This bug is not in your last search results.