Univention Bugzilla – Bug 49480
Samba 4.9.x - connector password change
Last modified: 2019-05-29 13:51:26 CEST
+++ This bug was initially created as a clone of Bug #48142 +++ +++ This bug was initially created as a clone of Bug #48084 +++ -> udm users/user modify --dn uid=Administrator,cn=users,dc=sambatest,dc=local --set password=univention -> univention-s4connector-list-rejected UCS rejected 1: UCS DN: uid=Administrator,cn=users,dc=sambatest,dc=local S4 DN: cn=administrator,cn=users,DC=sambatest,DC=local Filename: /var/lib/univention-connector/s4/1542110904.178630 connector.log: 13.11.2018 13:10:46,518 LDAP (INFO ): calculate_supplementalCredentials: building Primary:Kerberos-Newer-Keys blob 13.11.2018 13:10:46,518 LDAP (INFO ): calculate_supplementalCredentials: building Primary:Kerberos blob 13.11.2018 13:10:46,519 LDAP (INFO ): password_sync_ucs_to_s4: pwdLastSet in modlist: 131865845040000000 13.11.2018 13:10:46,519 LDAP (INFO ): password_sync_ucs_to_s4: modlist: [(1, 'unicodePwd', '\xdaJ\xaf\x8e\xfe\x0f\xd0\x97\x88KW\xef\xa09\xcd\x84'), (0, 'unicodePwd', '\xca\xa1#\x9dD\xda~\xdf\x92k\xce9\xf5\xc6]\x0f'), (1, 'supplementalCredentials', '\x00\x00\x00\x00X\x08\x00\x00\x00\x00\x00\x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00P\x00\x04\x006\x00\xe0\x01\x01\x00P\x00r\x00i\x00m\x00a\x00r\x00y\x00:\x00K\x00e\x00r\x00b\x00e\x00r\x00o\x00s\x00-\x00N\x00e\x00w\x00e\x00r\x00-\x00K\x00e\x00y\x00s\x000400000004000000000000003800380078000000001000000000000000000000001000001200000020000000B00000000000000000000000001000001100000010000000D00000000000000000000000001000000300000008000000E00000000000000000000000001000000100000008000000E8000000530041004D004200410054004500530054002E004C004F00430041004C00410064006D0069006E006900730074007200610074006F007200AEB95C4FA6B8A08BACEE7AF153E641D62093DA2E24D4A3F2943E6B3B9DF2D3C90EB61A8E3FC9C81E53665F25AE3FFC6ECBDC204FAEBF988CCBDC204FAEBF988C \x00(\x01\x01\x00P\x00r\x00i\x00m\x00a\x00r\x00y\x00:\x00K\x00e\x00r\x00b\x00e\x00r\x00o\x00s\x000300000002000000380038004C0000000000000000000000030000000800000084000000000000000000000001000000080000008C0000000000000000000000000000000000000000000000530041004D004200410054004500530054002E004C004F00430041004C00410064006D0069006E006900730074007200610074006F007200CBDC204FAEBF988CCBDC204FAEBF988C\x10\x00\x90\x00\x02\x00P\x00a\x00c\x00k\x00a\x00g\x00e\x00s\x004B00650072006200650072006F0073002D004E0065007700650072002D004B0065007900730000004B00650072006200650072006F00730000005700440069006700650073007400\x1e\x00\xc0\x03\x01\x00P\x00r\x00i\x00m\x00a\x00r\x00y\x00:\x00W\x00D\x00i\x00g\x00e\x00s\x00t\x003100011D0000000000000000000000007B9CF26B744BD4EE4B0CA3665EB1A5EFC26B8847E3A0138B602E903BAFB3B32072F760E5AED8367CD0F2A9A61A7604137B9CF26B744BD4EE4B0CA3665EB1A5EF89A9688CE342C1DDDBAB5A95777AA9437BE6F638C59035C8102467FE23E9F3A348AB349E4AACC96210C8027523465DD15EEA3B7D84A6242A2F1E2DCDED83D75279A581B2D7C4212F6ECD5DBA1FFCFCD1333106DB7282BF22C80336ABAC6C3E6938697D56217B6A7E926B34DAE4BD275F5EEA3B7D84A6242A2F1E2DCDED83D752D63BF7934EFD7A7CB58BA8769234A987065219696F03ED349BB2B7B0C171ED851C91378A242C44851DBC57F8FFBFE193C2AC18195507D5BAB1F531932609646F9929639EB76AE151EE9ECECD1EF79A8E21FFBD5B43760AAA2D996CE2E87C749C2904CBEB333C726E9F506B277DBB2C154A52F7FB01CB88544DA8A54BE55E8E885DF59C4FC26B3D86F17030657150ACEA768D7F5956D08B7AE9B049ED47F2CFC814CB177893CB28E200179062C6B56009BBD1AFF30BAD6D222FC3DBB502BDD5D9AAA3E03B7405786A6910E89DF6076A154E320342ECC6F7FC71AA6CEFB7C88125D9695D015596FB42E1157010E3E8A8BF45BA9076B65BB2E61D1372603E1AC9F4EB4967C118C76001E015E5E40A8031F8\x00'), (0, 'supplementalCredentials', '\x00\x00\x00\x00\x04\x06\x00\x00\x00\x00\x00\x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00 \x00P\x00\x03\x006\x00 \x03\x01\x00P\x00r\x00i\x00m\x00a\x00r\x00y\x00:\x00K\x00e\x00r\x00b\x00e\x00r\x00o\x00s\x00-\x00N\x00e\x00w\x00e\x00r\x00-\x00K\x00e\x00y\x00s\x0004000000040000000400000038003800d800000000000000000000000000000000000000120000002000000010010000000000000000000000000000110000001000000030010000000000000000000000000000030000000800000040010000000000000000000000000000010000000800000048010000000000000000000000100000120000002000000050010000000000000000000000100000110000001000000070010000000000000000000000100000030000000800000080010000000000000000000000100000010000000800000088010000530041004d004200410054004500530054002e004c004f00430041004c00410064006d0069006e006900730074007200610074006f00720086fc37ad73891d59b3cdd69b57da1796a1c977fce19084495c3bcaae039634702c9e4aba0841829759e79157ba06ecdd45f4d6fb027a0e9b45f4d6fb027a0e9baeb95c4fa6b8a08bacee7af153e641d62093da2e24d4a3f2943e6b3b9df2d3c90eb61a8e3fc9c81e53665f25ae3ffc6ecbdc204faebf988ccbdc204faebf988c\x10\x00p\x00\x02\x00P\x00a\x00c\x00k\x00a\x00g\x00e\x00s\x004B00650072006200650072006F0073002D004E0065007700650072002D004B0065007900730000004B00650072006200650072006F007300 \x00\x98\x01\x01\x00P\x00r\x00i\x00m\x00a\x00r\x00y\x00:\x00K\x00e\x00r\x00b\x00e\x00r\x00o\x00s\x000300000002000200380038007400000000000000000000000300000008000000ac00000000000000000000000100000008000000b400000000000000000000000300000008000000bc00000000000000000000000100000008000000c40000000000000000000000000000000000000000000000530041004d004200410054004500530054002e004c004f00430041004c00410064006d0069006e006900730074007200610074006f00720045f4d6fb027a0e9b45f4d6fb027a0e9bcbdc204faebf988ccbdc204faebf988c\x00'), (2, 'pwdLastSet', '131865845040000000'), (2, 'badPwdCount', '0'), (2, 'badPasswordTime', '0'), (2, 'lockoutTime', '0')] 13.11.2018 13:10:46,528 LDAP (WARNING): sync failed, saved as rejected /var/lib/univention-connector/s4/1542110904.178630 13.11.2018 13:10:46,530 LDAP (WARNING): Traceback (most recent call last): File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 909, in __sync_file_from_ucs if ((old_dn and not self.sync_from_ucs(key, mapped_object, pre_mapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, mapped_object, pre_mapped_ucs_dn, old_dn, old, new))): File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2750, in sync_from_ucs f(self, property_type, object) File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/password.py", line 652, in password_sync_ucs_to_s4 s4connector.lo_s4.lo.modify_ext_s(compatible_modstring(object['dn']), modlist, serverctrls=[ctrl_bypass_password_hash]) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 374, in modify_ext_s resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3 resp_ctrl_classes=resp_ctrl_classes File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call result = func(*args,**kwargs) NO_SUCH_ATTRIBUTE: {'info': "attribute 'unicodePwd': no matching attribute value while deleting attribute on 'CN=Administrator,CN=Users,DC=sambatest,DC=local'", 'desc': 'No such attribute'}
73c313f701ecb1578d5b22ffa306e7993f4dca00 e0104052c3b0a70744f7ff2056c75e55e0ff0901 univention-s4-connector 6ae43296755f7cf0190fa049cb63e3af6f256b5a yaml
Verified: * Code review of backported patch: Ok * Advisory: Ok * UCS 4.3-4 and UCS@school 4.3 Tests: Ok http://jenkins.knut.univention.de:8080/job/UCS-4.3/job/UCS-4.3-4/job/AutotestJoin/
<http://errata.software-univention.de/ucs/4.3/518.html>