Bug 51295 - udm/containers (computers/computer): PROTOCOL_ERROR
udm/containers (computers/computer): PROTOCOL_ERROR
Status: NEW
Product: UCS
Classification: Unclassified
Component: UMC - Computers
UCS 4.4
Other Linux
: P5 normal (vote)
: ---
Assigned To: UMC maintainers
UMC maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-05-15 12:51 CEST by Christian Castens
Modified: 2021-02-04 09:46 CET (History)
2 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?: Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number: 2021011221000754, 2020040221000886, 2020040221000902
Bug group (optional): External feedback
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Christian Castens univentionstaff 2020-05-15 12:51:23 CEST
Version: 4.4-4 errata499 (Blumenthal)

Interner Server-Fehler in "udm/containers (computers/computer)".
Request: udm/containers (computers/computer)

Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/univention/management/console/base.py", line 358, in __error_handling
    six.reraise(etype, exc, etraceback)
  File "/usr/lib/python2.7/dist-packages/univention/management/console/base.py", line 261, in execute
    function.__func__(self, request, *args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/univention/management/console/modules/udm/__init__.py", line 107, in _decorated
    request.options['module'] = self._get_module_by_request(request)
  File "/usr/lib/python2.7/dist-packages/univention/management/console/modules/udm/__init__.py", line 241, in _get_module_by_request
    return UDM_Module(module_name)
  File "/usr/lib/python2.7/dist-packages/univention/management/console/modules/udm/udm_ldap.py", line 410, in __init__
    self.load(force_reload=force_reload)
  File "/usr/lib/python2.7/dist-packages/univention/management/console/modules/udm/udm_ldap.py", line 432, in load
    self.module = _module_cache.get(module, None, force_reload, *self.get_ldap_connection())  # FIXME: template_object not used?!
  File "/usr/lib/python2.7/dist-packages/univention/management/console/modules/udm/udm_ldap.py", line 419, in get_ldap_connection
    self.ldap_connection, po = get_user_connection(bind=get_bind_function(), write=True)
  File "/usr/lib/python2.7/dist-packages/univention/management/console/ldap.py", line 94, in get_user_connection
    return connection()
  File "/usr/lib/python2.7/dist-packages/univention/management/console/ldap.py", line 140, in _decorated
    kwargs[loarg], kwargs[poarg] = lo, po = getter()
  File "/usr/lib/python2.7/dist-packages/univention/management/console/ldap.py", line 130, in getter
    conn = connection()
  File "/usr/lib/python2.7/dist-packages/univention/management/console/ldap.py", line 51, in connection
    lo = _access(host=host, port=port, base=base, **kwargs)
  File "/usr/lib/python2.7/dist-packages/univention/admin/uldap.py", line 557, in __init__
    self.lo = univention.uldap.access(host, port, base, binddn, bindpw, start_tls, follow_referral=follow_referral)
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 275, in __init__
    self.__open(ca_certfile)
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 359, in __open
    self.__starttls()
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 199, in _decorated
    return func(self, *args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 373, in __starttls
    self.lo.start_tls_s()
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 954, in start_tls_s
    res = self._apply_method_s(SimpleLDAPObject.start_tls_s,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 931, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 609, in start_tls_s
    return self._ldap_call(self._l.start_tls_s)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
PROTOCOL_ERROR: {'info': 'unsupported extended operation', 'desc': 'Protocol error'}

Role: domaincontroller_backup
Comment 1 Christian Castens univentionstaff 2020-05-15 12:52:56 CEST
reported again:

Version: 4.4-4 errata499 (Blumenthal)

Interner Server-Fehler in "udm/types (computers/computer)".
Request: udm/types (computers/computer)

Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/univention/management/console/base.py", line 358, in __error_handling
    six.reraise(etype, exc, etraceback)
  File "/usr/lib/python2.7/dist-packages/univention/management/console/base.py", line 261, in execute
    function.__func__(self, request, *args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/univention/management/console/modules/udm/udm_ldap.py", line 99, in _decorated
    return method(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/univention/management/console/ldap.py", line 140, in _decorated
    kwargs[loarg], kwargs[poarg] = lo, po = getter()
  File "/usr/lib/python2.7/dist-packages/univention/management/console/ldap.py", line 130, in getter
    conn = connection()
  File "/usr/lib/python2.7/dist-packages/univention/management/console/ldap.py", line 51, in connection
    lo = _access(host=host, port=port, base=base, **kwargs)
  File "/usr/lib/python2.7/dist-packages/univention/admin/uldap.py", line 557, in __init__
    self.lo = univention.uldap.access(host, port, base, binddn, bindpw, start_tls, follow_referral=follow_referral)
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 275, in __init__
    self.__open(ca_certfile)
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 359, in __open
    self.__starttls()
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 199, in _decorated
    return func(self, *args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 373, in __starttls
    self.lo.start_tls_s()
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 954, in start_tls_s
    res = self._apply_method_s(SimpleLDAPObject.start_tls_s,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 931, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 609, in start_tls_s
    return self._ldap_call(self._l.start_tls_s)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
PROTOCOL_ERROR: {'info': 'unsupported extended operation', 'desc': 'Protocol error'}

Role: domaincontroller_backup
Comment 2 Riya Bhattacharjee univentionstaff 2021-01-14 10:48:58 CET
UCS Version: undefined

Interner Server-Fehler in "".Request:
 
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/univention/management/console/base.py", line 358, in __error_handling
    else:
  File "/usr/lib/python2.7/dist-packages/univention/management/console/base.py", line 261, in execute
    self.security_checks(request, function)
  File "/usr/lib/python2.7/dist-packages/univention/management/console/protocol/session.py", line 964, in _authentication_finished2
    self.__credentials = result.credentials
  File "/usr/lib/python2.7/dist-packages/univention/management/console/protocol/session.py", line 1006, in initalize_processor
    if not self.processor:
  File "/usr/lib/python2.7/dist-packages/univention/management/console/protocol/session.py", line 171, in set_credentials
    self._password = password
  File "/usr/lib/python2.7/dist-packages/univention/management/console/protocol/session.py", line 190, in _search_user_dn
  File "/usr/lib/python2.7/dist-packages/univention/management/console/protocol/session.py", line 152, in lo
    @property
  File "/usr/lib/python2.7/dist-packages/univention/management/console/ldap.py", line 100, in get_machine_connection
    return connection()
  File "/usr/lib/python2.7/dist-packages/univention/management/console/ldap.py", line 140, in _decorated
    try:
  File "/usr/lib/python2.7/dist-packages/univention/management/console/ldap.py", line 130, in getter
    else:
  File "/usr/lib/python2.7/dist-packages/univention/management/console/ldap.py", line 63, in connection
    return _getMachineConnection(**kwargs)
  File "/usr/lib/python2.7/dist-packages/univention/admin/uldap.py", line 183, in getMachineConnection
    lo = univention.uldap.getMachineConnection(start_tls, decode_ignorelist=decode_ignorelist, ldap_master=ldap_master)
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 183, in getMachineConnection
    else:
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 275, in __init__
    try:
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 359, in __open
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 199, in _decorated
    # Bug #47926: python ldap does not reconnect on ldap.UNAVAILABLE
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 373, in __starttls
    if self.follow_referral:
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 954, in start_tls_s
    res = self._apply_method_s(SimpleLDAPObject.start_tls_s,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 931, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 609, in start_tls_s
    return self._ldap_call(self._l.start_tls_s)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
PROTOCOL_ERROR: {'info': 'unsupported extended operation', 'desc': 'Protocol error'}
Interner Server-Fehler in "".
Comment 3 Christina Scheinig univentionstaff 2021-02-04 09:46:02 CET
Found this during initial join of a backupserver in a school environment.


ldap_start_tls: Protocol error (2)
additional info: unsupported extended operation
chgrp: ungültige Gruppe: „DC Slave Hosts“
chgrp: ungültige Gruppe: „DC Slave Hosts“
Traceback (most recent call last):
File "/usr/lib/univention-pam/ldap-group-to-file.py", line 162, in <module>
main()
File "/usr/lib/univention-pam/ldap-group-to-file.py", line 112, in main
lo = univention.uldap.getMachineConnection(ldap_master=False, random_server=True)
File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 191, in getMachineConnection
return access(host=server, port=port, base=ucr['ldap/base'], binddn=ucr['ldap/hostdn'], bindpw=bindpw, start_tls=start_tls, decode_ignorelist=decode_ignorelist, reconnect=reconnect)
File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 283, in __init__
self.__open(ca_certfile)
File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 367, in __open
self.__starttls()
File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 207, in _decorated
return func(self, *args, **kwargs)
File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 381, in __starttls
self.lo.start_tls_s()
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 954, in start_tls_s
res = self._apply_method_s(SimpleLDAPObject.start_tls_s,*args,**kwargs)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 931, in _apply_method_s
return func(self,*args,**kwargs)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 609, in start_tls_s
return self._ldap_call(self._l.start_tls_s)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
result = func(*args,**kwargs)
ldap.PROTOCOL_ERROR: {'info': 'unsupported extended operation', 'desc': 'Protocol error'}
Restarting nscd (via systemctl): nscd.service.
setfacl: Option -m: Das Argument ist ungültig bei Zeichen 3
Error: Could not set fACL for /var/lib/samba/sysvol
Joinscript 96univention-samba4.inst finished with exitcode 2