Univention Bugzilla – Bug 51276
Additional memberserver in school ou does not have permission to read sambaNTPassword
Last modified: 2020-07-21 12:42:15 CEST
I could reproduce this in my testenvironment. The impact is, that using radius is not possible on an additional memberserver in school. Radius needs the sambaNTPassword. root@member-sun:~# univention-ldapsearch -LLL uid=cscheini sambaNTPassword dn: uid=cscheini,cn=schueler,cn=users,ou=sun,dc=schein,dc=me Updateuser is allowed to read the sambaNTPassword: root@member-sun:~# univention-ldapsearch -LLL -D "cn=update,dc=schein,dc=me" -W uid=cscheini sambaNTPassword Enter LDAP Password: dn: uid=cscheini,cn=schueler,cn=users,ou=sun,dc=schein,dc=me sambaNTPassword: CAA1239D44DA7EDF926BCE39F5C65D0F root@member-sun:~# id member-sun\$ uid=2075(member-sun$) gid=5007(Computers) Gruppen=5007(Computers),5013(Member-Edukativnetz),5015(OUsun-Member-Edukativnetz) root@member-sun:~# ucr get ldap/server/name slave-sun
Another customer affected.
(In reply to Christian Völker from comment #2) > Another customer affected. No its not. Its the same customer with new ticket.