Univention Bugzilla – Bug 50848
SiSoPi import doesn't set ucsschoolPurgeTimestamp for "deleted" users
Last modified: 2020-03-31 12:21:39 CEST
In several domains using the SiSoPi importer I observe that it does not set the ucsschoolPurgeTimestamp for "deleted" users. Not sure if this is related to bug 50406 but at least it's a blocker for the "top-level" issue of user deletion not working with SiSoPi as well.
I don't think its related to Bug #50406, as that happens only when the script is called, not during the import. Please provide the combined import configuration from the import logfile from a domain where the ucsschoolPurgeTimestamp is not set.
Created attachment 10332 [details] missing set_deletion_grace() I think this fixes it. Haven't tested it though.
I pushed the patch to a branch. [dtroeder/50848_missing_ucsschoolPurgeTimestampin_SiSoPi eab291c98] Bug #50848: set deletion_grace_period / ucsschoolPurgeTimestamp in sisopi import
(In reply to Daniel Tröder from comment #3) > Created attachment 10332 [details] > missing set_deletion_grace() > > I think this fixes it. Haven't tested it though. I have tested it with the customer's import config and it works! ucsschoolPurgeTimestamp is being set correctly with it. However user that have already been deactivated but do not have a ucsschoolPurgeTimestamp are not considered in a new import in which they're also missing. I have tested like so: Import 1 / without patch / file contains user1, user2 and user3 Create: user1 user2 user3 .... Import 2 / without patch / file contains user1 and user2 Modify: user1 user2 Delete: user3 .... Import 3 / with patch / file contains user1 and user2 Modify: user1 user2 -> user3 is not considered so it just remains without a PurgeTimestamp IMHO we'd need some way to set the PurgeTimestamp for users that have already been deactivated and thus won't be considered in another import in which they're also missing.
(In reply to Valentin Heidelberger from comment #5) > (In reply to Daniel Tröder from comment #3) > > Created attachment 10332 [details] > > missing set_deletion_grace() > > > > I think this fixes it. Haven't tested it though. > > I have tested it with the customer's import config and it works! > ucsschoolPurgeTimestamp is being set correctly with it. > > However user that have already been deactivated but do not have a > ucsschoolPurgeTimestamp are not considered in a new import in which they're > also missing. I have tested like so: > > Import 1 / without patch / file contains user1, user2 and user3 > Create: > user1 > user2 > user3 > > .... > > Import 2 / without patch / file contains user1 and user2 > Modify: > user1 > user2 > > Delete: > user3 > > .... > > Import 3 / with patch / file contains user1 and user2 > Modify: > user1 > user2 > > -> user3 is not considered so it just remains without a PurgeTimestamp > > IMHO we'd need some way to set the PurgeTimestamp for users that have > already been deactivated and thus won't be considered in another import in > which they're also missing. Such (student) users can be found like so for example: univention-ldapsearch -LLL "(&(objectClass=ucsschoolStudent)(shadowExpire=1)(!(ucsschoolPurgeTimestamp=*)))" dn