Univention Bugzilla – Bug 49950
sync_to_ucs reject for deleting GPO objects with leafs in Openldap
Last modified: 2019-09-27 13:03:25 CEST
Maybe similar to Bug #49931 and/or Bug #49498 but different: ============================================================= univention-s4connector-list-rejected UCS rejected S4 rejected 1: S4 DN: cn={00B91A95-1EA6-42FF-BE15-9A7896448393},CN=Policies,CN=System,DC=schein,DC=me UCS DN: <not found> last synced USN: 282008 01.08.2019 10:02:28.105 LDAP (INFO ): sync_to_ucs: set position to cn={00B91A95-1EA6-42FF-BE15-9A7896448393},cn=Policies,cn=System,dc=schein,dc=me 01.08.2019 10:02:28.106 LDAP (INFO ): LockingDB: Execute SQL command: 'SELECT id FROM UCS_LOCK WHERE uuid=?;', '('da633928-0551-1037-8386-5d830702ad99',)' 01.08.2019 10:02:28.107 LDAP (INFO ): LockingDB: Return SQL result: '[]' 01.08.2019 10:02:28.107 LDAP (INFO ): The following attributes have been changed: [] 01.08.2019 10:02:28.108 LDAP (INFO ): sync_to_ucs: using existing target object type: container/cn 01.08.2019 10:02:28.425 LDAP (INFO ): delete object exception: Operation not allowed on non-leaf: subordinate objects must be deleted first 01.08.2019 10:02:28.426 LDAP (INFO ): remove object from UCS failed, need to delete subtree 01.08.2019 10:02:28.427 LDAP (INFO ): delete: cn=PushedPrinterConnections,cn=Machine,cn={00B91A95-1EA6-42FF-BE15-9A7896448393},cn=Policies,cn=System,dc=schein,dc=me 01.08.2019 10:02:28.428 LDAP (INFO ): _object_mapping: map with key container and type ucs 01.08.2019 10:02:28.428 LDAP (INFO ): _dn_type ucs 01.08.2019 10:02:28.429 LDAP (WARNING): delete subobject: cn=pushedprinterconnections,cn=machine,cn={00b91a95-1ea6-42ff-be15-9a7896448393},cn=policies,cn=system,DC =schein,DC=me 01.08.2019 10:02:28.430 LDAP (INFO ): _ignore_object: Do not ignore cn=pushedprinterconnections,cn=machine,cn={00b91a95-1ea6-42ff-be15-9a7896448393},cn=policies, cn=system,DC=schein,DC=me 01.08.2019 10:02:28.432 LDAP (INFO ): get_ucs_object: object found: cn=PushedPrinterConnections,cn=Machine,cn={00B91A95-1EA6-42FF-BE15-9A7896448393},cn=Policies, cn=System,dc=schein,dc=me 01.08.2019 10:02:28.433 LDAP (PROCESS): sync to ucs: [ container] [ delete] cn=PushedPrinterConnections,cn=Machine,cn={00B91A95-1EA6-42FF-BE15-9A789644839 3},cn=Policies,cn=System,dc=schein,dc=me 01.08.2019 10:02:28.433 LDAP (INFO ): sync_to_ucs: set position to cn=Machine,cn={00B91A95-1EA6-42FF-BE15-9A7896448393},cn=Policies,cn=System,dc=schein,dc=me 01.08.2019 10:02:28.434 LDAP (INFO ): LockingDB: Execute SQL command: 'SELECT id FROM UCS_LOCK WHERE uuid=?;', '('da85df0a-0551-1037-8388-5d830702ad99',)' 01.08.2019 10:02:28.435 LDAP (INFO ): LockingDB: Return SQL result: '[]' 01.08.2019 10:02:28.435 LDAP (ERROR ): Unknown Exception during sync_to_ucs 01.08.2019 10:02:28.436 LDAP (ERROR ): Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/univention/s4connector/__init__.py", line 1512, in sync_to_ucs guid_unicode = original_object.get('attributes').get('objectGUID')[0] TypeError: 'NoneType' object has no attribute '__getitem__'· ============================================================= I deleted the object in openLdap, because in /var/lib/samba/sysvol/domain/scripts the GPO was not there. eval "$(ucr shell)" ldapdelete -r -h "$ldap_master" -p 7389 -D "$ldap_hostdn" -y /etc/machine.secret "cn={00B91A95-1EA6-42FF-BE15-9A7896448393},cn=Policies,cn=System,dc=schein,dc=me" Reject is solved =============================================================
*** This bug has been marked as a duplicate of bug 49324 ***