Univention Bugzilla – Bug 48421
new module "unique_object_sids" prevents modification of objectSid in samba
Last modified: 2019-05-15 13:35:56 CEST
which is bad for UCS@school Traceback (most recent call last): File "<string>", line 9, in <module> File "ldap_glue_s4.py", line 161, in set_attribute_with_provision_ctrl [(ldap.MOD_REPLACE, key, value)], serverctrls=ctrls) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 374, in modify_ext_s resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3 resp_ctrl_classes=resp_ctrl_classes File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call result = func(*args,**kwargs) ldap.UNWILLING_TO_PERFORM: {'info': '00002035: Modify of CN=grp1,DC=w2k12,DC=test rejected, as it is modifying an objectSID\n', 'desc': 'Server is unwilling to
samba commit 4d5da6c7
Until a better idea, we expose the control DSDB_CONTROL_REPLICATED_UPDATE_OID (which bypasses unique_object_sids test) in samba and use it in the connector and the tests for samba modifications. This could lead to sid duplicates (e.g re-join of samba dc's in the school central environment).
samba (4.9.3-1A~4.4.0.20190103163) - added 93_expose_control_replicated_update_oid.quilt 5713c6a590bb1724e8c38a87f6dd0bdf9a2aecc5 - added DSDB_CONTROL_REPLICATED_UPDATE_OID control to ucs-test and connector
Ok, it works.
There is no changelog entry in changelog-4.4-0.xml.
UCS 4.4 has been released: https://docs.software-univention.de/release-notes-4.4-0-en.html https://docs.software-univention.de/release-notes-4.4-0-de.html If this error occurs again, please use "Clone This Bug".