Bug 50712 - Change of AD Server Causes Deletion and Re-Creation of LDAP Objects
Status: NEW
Product: UCS
Classification: Unclassified
Component: AD Connector
UCS 4.4
Other Linux
Importance: P5 normal
Assigned To: Samba maintainers
https://help.univention.com/t/problem...
Reported: 2020-01-13 15:01 CET by Christian Völker
Modified: 2020-01-13 15:01 CET
What kind of report is it?: Bug Report
What type of bug is this?: 4: Minor Usability: Impairs usability in secondary scenarios
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 4: A User would return the product
User Pain: 0.091
Enterprise Customer affected?: Yes
Ticket number: 2020010821000657
Description Christian Völker univentionstaff 2020-01-13 15:01:29 CET
Customer needed to change the Win-AD server from where the AD connector reads its updates.
Because of different USNs, the lastUSN value in the AD connector needs to be set to "1", according to the help article (see URL).

Setting this value caused the AD connector to delete and re-create several objects, causing a lot of issues (different uid for the same user, different attributes for servers, ...).

The AD connector should somehow be able to identify the objects to be synced even when connecting to a different MS-AD server
-or-
not delete objects or change attributes during initial sync.