Univention Bugzilla – Bug 47203
[4.3] school-import needs read-only cn=admin connection
Last modified: 2018-09-11 11:34:16 CEST
The UCS@school import should use a read-only cn=admin connection (instead of a machine connection) for the dry-run and wherever a write-connection is not required. To use a cn=admin connection is important, because otherwise the LDAP ACLs would create a massive slow down.
A wrapper-class for the LDAP connection object (class "uldap.access") prevents the usage of the methods 'add', 'modify', 'rename' and 'delete'. Code has been commited to git branch dtroeder/45715_4.3_checks_in_dry-run, to fix a commit there (852bad00). [dtroeder/45715_4.3_checks_in_dry-run] f6d61341b Bug #47203: add read-only LDAP connection support [dtroeder/45715_4.3_checks_in_dry-run] 22a07bfba Bug #47203: use read-only LDAP connection during dry-runs and in CSV reader
Code was merged to 4.3 and built. [4.3] 476880c71 Bug #45715 Bug #47203: Merge branch 'dtroeder/45715_4.3_checks_in_dry-run' into 4.3 [4.3] 87b3e8cb3 Bug #45715 Bug #47203: changelog [4.3] 96b537756 Bug #45715 Bug #47203: advisory ucs-school-import (16.0.2-29)
Import tested for bug 46712. Import works -> OK YAML -> OK -> Verified
UCS@school 4.3 v5 has been released. https://docs.software-univention.de/changelog-ucsschool-4.3v5-de.html If this error occurs again, please clone this bug.