Bug 52145 – wait_for_drs_replication does nothing on s4 memberservers

Bug 52145 - wait_for_drs_replication does nothing on s4 memberservers


Summary:	wait_for_drs_replication does nothing on s4 memberservers

Status:	NEW

Product:	UCS Test
Classification:	Unclassified
Component:	S4 Connector
Version:	unspecified
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	Samba maintainers
QA Contact:

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2020-09-28 16:28 CEST by Julia Bremer
Modified:	2020-09-29 10:10 CEST (History)
CC List:	1 user (show)

See Also:
What kind of report is it?:	---
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Julia Bremer

2020-09-28 16:28:58 CEST

ucs-tests on our memberservers in samba4 environments are especially flaky,
since wait_for_drs_replication is just skipped if univention-samba4 is not installed.
We should add an appropriate function which waits until the object is synced to samba4 on the master server.

Comment 1 Julia Bremer

2020-09-29 08:42:22 CEST

1069894f34fff516a9b02dff7ec185ab8bfd677b     Bug #52145: Workaround: sleep if s4 memberserver

As a workaround for now, I added 15 seconds of sleep if univention-samba is installed and not univention-samba4.
wait_for_drs_replication is now called by udm.py if serverrole = memberserver.

This is no solution we should have a function which only waits as long as it takes until everything is replicated. This is very error-prone, but it fixed one test in question

Comment 2 Julia Bremer

2020-09-29 09:38:11 CEST

10_saml_password_expire failed only on s4 memberserver because it checked the saml login of a user without a userPassword aka placeholder {KINIT} and therefore the kerberos authentication before the user was added to samba. 
This test is successful with the new workaround.

But I had to add hacks like "sleep if memberserver and univention-samba installed" on various tests to avoid the S4-Connector ping pong in the last weeks, so it seemed appropriate to add this generally until we find a better solution.

Comment 3 Florian Best

2020-09-29 09:42:16 CEST

Instead of always sleeping 15 seconds, can't you just sleep on a memberserver?
(git:1069894f34fff516a9b02dff7ec185ab8bfd677b)

Comment 4 Julia Bremer

2020-09-29 10:10:04 CEST

(In reply to Florian Best from comment #3)
> Instead of always sleeping 15 seconds, can't you just sleep on a
> memberserver?
> (git:1069894f34fff516a9b02dff7ec185ab8bfd677b)

AFAIK univention-samba is only installed on memberserver with samba4 in the domain 
(when samba3 is installed on them) and slave-pdc.
This patch shouldn't add a 15 second sleep on every system. 
I should have been more explicit.