Bug 50423 – [O365] Adapt listener for multiple ad connection support

Bug 50423 - [O365] Adapt listener for multiple ad connection support


Summary:	[O365] Adapt listener for multiple ad connection support

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	Office 365
Version:	UCS 4.4
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	Erik Damrose
QA Contact:	Arvid Requate

URL:
Keywords:

Depends on:
Blocks:	50579
	Show dependency tree / graph

Reported:	2019-10-28 14:47 CET by Erik Damrose
Modified:	2020-02-13 09:50 CET (History)
CC List:	0 users

See Also:	50324
What kind of report is it?:	Development Internal
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Erik Damrose

2019-10-28 14:47:25 CET

Bug for tracking changes to the Office365 listener that are required for supporting multiple ad connections

Comment 1 Erik Damrose

2019-11-03 17:04:17 CET

0cc49fa Refactor user listener and lib
5d0430c Started adapting user listener to multiple ad connections
16f3850 Remove single connection tests
0bd2943 Move multi connection tests to correct location
98865bf Adapt user listener for unmigrated userobjects
5585db5 Improve tests
a980c71 adapt listener modules for multiple ad connections
bcdd09d Add default alias handling

Comment 2 Arvid Requate

2019-11-19 18:49:52 CET

If the connection configured as UCR office365/defaultalias is not initialized, the listener gernates this traceback for a user created from the office365 template:
=======================================================================================================================
19.11.19 18:43:10.350  LISTENER    ( PROCESS ) : o365: No ad connection defined, using default (defaultADconnection | uid=areq5.user1,cn=users,dc=mydomain,dc=intranet)
19.11.19 18:43:10.350  LISTENER    ( PROCESS ) : o365: new_enabled and not old_enabled -> NEW or REACTIVATED (set(['defaultADconnection']) | uid=areq5.user1,cn=users,dc=mydomain,dc=intranet)
Traceback (most recent call last):
  File "/usr/lib/univention-directory-listener/system/office365-user.py", line 417, in handler
    ol = Office365Listener(listener, name, _attrs, ldap_cred, dn, conn)
  File "/usr/lib/pymodules/python2.7/univention/office365/listener.py", line 115, in __init__
    self.ah = AzureHandler(self.ucr, name, self.adconnection_alias)
  File "/usr/lib/pymodules/python2.7/univention/office365/azure_handler.py", line 174, in __init__
    self.auth = AzureAuth(name, adconnection_alias)
  File "/usr/lib/pymodules/python2.7/univention/office365/azure_auth.py", line 357, in __init__
    self.client_id = ids["client_id"]
univention.office365.azure_auth.NoIDsStored: The configuration of Azure AD connection defaultADconnection is incomplete and misses some data. Please run the wizard again.
19.11.19 18:43:10.372  LISTENER    ( WARN    ) : handler: office365-user (failed)
=======================================================================================================================

Comment 3 Erik Damrose

2019-11-19 19:53:48 CET

Correct, that case was not tested for in the user listener. I added a check in

252f23e4 Check if default connection is initialized before trying to sync users

In that case, the listener will log:
o365: Cannot put user in default connection (defaultADconnection), because it is not initialized

Comment 4 Arvid Requate

2019-11-20 19:47:19 CET

Verified:
* Code review
* Functional test (manual and ucs-test)

Comment 5 Erik Damrose

2020-02-13 09:50:12 CET

Closed: Released with App Version 3.0 for UCS 4.4