Bug 48226 - Migrate all objects to provide role attribute
Status: CLOSED FIXED
Product: UCS@school
Classification: Unclassified
Component: General
Version: UCS@school 4.3
Hardware: Other Linux
Importance: P5 normal
Target Milestone: UCS@school 4.4 v1
Assigned To: Ole Schwiegert
QA Contact: Jürn Brodersen
Duplicates: 48252
Depends on: 45379 48245 48428 48611 48678
Blocks: 46740 35142 46738 48647 48648 48741
Reported: 2018-11-27 17:07 CET by Jürn Brodersen
Modified: 2019-03-12 10:58 CET

What kind of report is it?: Feature Request

Description Jürn Brodersen univentionstaff 2018-11-27 17:07:00 CET
+++ This bug was initially created as a clone of Bug #45379 +++

It would be very useful to provide all UCS@school objects with a unique object class / attribute (e.g.: ucsschoolObjectType=...). Based on already existing object class on the user objects:
Users: ucsschoolStudent / ucsschoolTeacher / ucsschoolAdministrator / ucsschoolStaff

I would like to see this also for groups:
Groups: ucsschoolWorkingGroup / ucsschoolClass / ucsschoolComputerRoom


Why is this necessary?
At the moment it is really hard to find and identify all classes or all working groups. In the end they are all LDAP groups. There is no difference between the objects; only the location in the LDAP makes a group a class or a working group. Also, the objects do not differ from the default built-in groups.

Our claim is that the LDAP is the leading data source, so it must also be easy to find the data (e.g. for sync to external services).

I would suggest that these unique object classes / attributes be set during the import. Also, there must be an option to edit these options (like the user options).
Comment 1 Jürn Brodersen univentionstaff 2018-11-27 17:09:41 CET
Some colleagues :) asked to use this in ucs as well. It was suggested that we add a ucsRole schema as well.
Comment 2 Sönke Schwardt-Krummrich univentionstaff 2018-12-03 12:15:42 CET
The migration should be called up automatically during the update and should also be able to be executed manually afterwards.
Comment 3 Ole Schwiegert univentionstaff 2019-01-07 09:33:22 CET
oschwieg/4.4/48226

These objects are migrated so far:

MIGRATION_CLASSES = (
	SchoolClass, WorkGroup, ComputerRoom, ClassShare, WorkGroupShare, SchoolDCSlave, WindowsComputer, MacComputer,
	IPComputer)

Two problems I encountered that block the completion of this feature:

School class shares are also returned by WorkGroupShare.get_all()
School.get_all(lo, filter=str='something') returns all organisation units in LDAP
Comment 4 Daniel Tröder univentionstaff 2019-01-09 10:34:14 CET
Please create a ucs-test that looks for ucsschool objects that should have the ucsschoolRole attribute set, but are missing it.
Then enable the UCRV in the jenkins job before installing the ucsschool app.
Comment 5 Daniel Tröder univentionstaff 2019-01-09 10:59:39 CET
(In reply to Daniel Tröder from comment #4)
> Please create a ucs-test that looks for ucsschool objects that should have
> the ucsschoolRole attribute set, but are missing it.
> Then enable the UCRV in the jenkins job before installing the ucsschool app.
In 4.3.
Comment 6 Ole Schwiegert univentionstaff 2019-01-10 11:51:33 CET
After clearing up a misunderstanding, the feature request was reimplemented in oschwieg/4.4/48226v2

The following changes were added:
- The role feature is now activated by default (all ucrv lookups for ucsschool/feature/roles default to True now if the variable is unset)
- The migration script runs during the upgrade of ucs-school-import and migrates the following objects:

school, school groups (lehrer, mitarbeiter, schueler, Domain Users), WindowsComputer, MacComputer, IPComputer, ClassShare, WorkGroupShare, ComputerRoom, SchoolClass, User, WorkGroup, central servers, school servers

The automatic migration can be stopped by setting ucsschool/feature/roles/skip_migration=yes before update (Release note entry was added)


Changed packages:
ucs-school-import
ucs-school-lib
ucs-test-ucsschool
Comment 7 Ole Schwiegert univentionstaff 2019-01-10 12:06:36 CET
Package: ucs-school-lib
Version: 12.0.1-3A~4.4.0.201901101158
Branch: ucs_4.4-0
Scope: ucs-school-4.4

Package: ucs-school-import
Version: 17.0.1-0A~4.4.0.201901101159
Branch: ucs_4.4-0
Scope: ucs-school-4.4

Package: ucs-test-ucsschool
Version: 6.0.0-3A~4.4.0.201901101205
Branch: ucs_4.4-0
Scope: ucs-school-4.4
Comment 8 Ole Schwiegert univentionstaff 2019-01-10 12:07:56 CET
*** Bug 48252 has been marked as a duplicate of this bug. ***
Comment 9 Daniel Tröder univentionstaff 2019-01-10 12:23:24 CET
(In reply to Ole Schwiegert from comment #6)
> - The role feature is now activated by default (all ucrv lookups for
> ucsschool/feature/roles default to True now if the variable is unset)
IMHO the UCRV should be removed.
The feature is a requirement now, that we want to depend upon in the future.
Comment 10 Ole Schwiegert univentionstaff 2019-01-10 12:35:57 CET
You are of course correct, I will change the code accordingly
Comment 11 Ole Schwiegert univentionstaff 2019-01-10 12:57:39 CET
Package: ucs-test-ucsschool
Version: 6.0.0-4A~4.4.0.201901101253
Branch: ucs_4.4-0
Scope: ucs-school-4.4

Package: ucs-school-import
Version: 17.0.1-1A~4.4.0.201901101254
Branch: ucs_4.4-0
Scope: ucs-school-4.4

Package: ucs-school-lib
Version: 12.0.1-4A~4.4.0.201901101256
Branch: ucs_4.4-0
Scope: ucs-school-4.4
Comment 12 Daniel Tröder univentionstaff 2019-01-21 08:45:42 CET
Object exists: cn=ucsschoolRoleClientComputers,cn=UCSschool,cn=custom attributes,cn=univention,dc=uni,dc=dtr
Object exists: cn=ucsschoolRoleShares,cn=UCSschool,cn=custom attributes,cn=univention,dc=uni,dc=dtr
/usr/lib/univention-install/35ucs-school-import.inst: Zeile 545: ./usr/share/ucs-school-import/scripts/migrate_ucsschool_roles: Datei oder Verzeichnis nicht gefunden

__JOINERR__:FAILED: /usr/lib/univention-install/35ucs-school-import.inst
EXITCODE=127
Comment 13 Ole Schwiegert univentionstaff 2019-01-21 10:30:35 CET
fixed in

Package: ucs-school-import
Version: 17.2.0-3A~4.4.0.201901211027
Branch: ucs_4.4-0
Scope: ucs-school-4.4
Comment 14 Jürn Brodersen univentionstaff 2019-01-22 10:15:29 CET
OK
What I tested:
Updated the lib and import packages -> OK
ucsschoolRole is now set everywhere -> OK
ucsschoolRole is set for new objects -> OK

Singleserver and Multiserver -> OK

I came across bug 48505, but I think it makes more sense to track such bugs separately.

-> Verified
Comment 15 Sönke Schwardt-Krummrich univentionstaff 2019-03-12 10:58:37 CET
UCS@school 4.4 v1 has been released.

https://docs.software-univention.de/release-notes-ucsschool-4.4v1-de.html

If this error occurs again, please clone this bug.