Univention Bugzilla – Bug 52049
UCS@school: Activate synchronization of domainpolicy
Last modified: 2020-10-12 16:19:03 CEST
We added the objectclass "domainpolicy" in Bug #51782 to resolve the reject of the objects beneath "Default Domain Policy", e.g. CN=AppCategories. The synchronization is not activated per default in UCS, but it should be activated per default in UCS@School.
https://git.knut.univention.de/univention/ucsschool/-/tree/jbremer/bug52049_activate_mapping_of_domainpolicy contains the patch. Waiting to merge until Bug #51782 is merged.
As discussed i merged the branch to the ucs@school 4.4 branch 8454d1aec Bug #52049: Activate mapping of domainpolicy e13d1ab25 Bug #52049: changelog c0bdf0c8c yaml ucs-school-metapackage 12.0.3-6A~4.4.0.202009251103 ucs-test-ucsschool 6.0.139A~4.4.0.202009251107
(In reply to Erik Damrose from comment #2) > As discussed i merged the branch to the ucs@school 4.4 branch > > 8454d1aec Bug #52049: Activate mapping of domainpolicy > e13d1ab25 Bug #52049: changelog > c0bdf0c8c yaml > > ucs-school-metapackage 12.0.3-6A~4.4.0.202009251103 > ucs-test-ucsschool 6.0.139A~4.4.0.202009251107 looks good OK - activation OK - test OK - yaml switch assignee qa for the ldap acl stuff
see also Bug #51782 > We had some internal discussions about synchronizing all these additional > default objects. If default domain policy is synced, each school slave could > overwrite all the existing default-domainpolicies in the whole UCS domain. > This is a big change and the how and ifs of this change should be discussed > at another bug. > Since the original Bug #49838 only demanded the syncronization of > msgpwl-* objects, we think it is a better idea to deactivate the unused > objects for now by unsetting the UCR Variables again in ucs@school in > Bug #52049. Here, we should revert the activation of the domainpolicy > synchronization, the joinscript number increase and the removal of > "CN=IP Security" from the ignorelist. so we deactivate (unset) the mapping for msgpipsec, msgpsi during this update and activate only msgpwl
4971d5ecac2c3797315acbbb57adfcb622b70a36 - ucs-school-metapackage * deactivate sync of msgpipsec, msgpsi and domainpolicy during this update * do not activate sync of msgpipsec, msgpsi and domainpolicy dc2f7abef879acd7786d18981d60c61ad01b0b79 - ucs-test-ucsschool * adapted tests to previous change 3e1efb4be570e8dfaaf73861d38ce456d7dad260 - yaml
msgpsi, msgpipsec deactivated: OK ucs-test variables reset: OK yaml: OK packages built: OK TODO: wait for jenkins test
Jenkins test confirmed: Rejects are gone: OK Verified
UCS@school 4.4 v7 has been released. https://docs.software-univention.de/changelog-ucsschool-4.4v7-de.html If this error occurs again, please clone this bug.