Univention Bugzilla – Bug 53014
regression: demo_admin missing school_admin role
Last modified: 2021-05-06 14:11:47 CEST
At our customer the user "demo_admin" is not below cn=lehrer, but below cn=mitarbeiter. This ensures that although the check for uid=demo_admin returns true, the customization of the account cannot be performed and ends in an errorcode 3. In my opinion, after the check for "uid=demo_admin is true", the DN of demo_admin should be queried and used for the udm command. +++ This bug was initially created as a clone of Bug #52970 +++ The create_demoportal.py script in ucs-school-metapackage does not append the school_admin schoolRole to the user, when it makes the teacher an admin.
(In reply to Daniel Duchon from comment #0) > At our customer the user "demo_admin" is not below cn=lehrer, but below > cn=mitarbeiter. If the customer manipulates a pre-configured object, he's on his own. If he knows how to move an object, he should know how to change the ucsschoolRole property. My guess is, that the user "demo_admin" now a staff user, and not a teacher anymore. Having changed the role, the ucsschoolRole property must be changed too, or the object will be inconsistent anyway. > The create_demoportal.py script in ucs-school-metapackage does not append > the school_admin schoolRole to the user, when it makes the teacher an admin. This has been fixed with bug 52986. INVALID because the bug report is about the "demo_admin" user created by the "create_demoportal.py" script. But that object has been manipulated by the customer. If it had not been manipulated, the code from bug 52986 would have fixed it.
A moved demo_user will now be fixed by the join script. [4.4 3884252a5] Bug #53014: handle moved demo_admin user
QA Code → Looks good changelog → OK Advisory → OK Already in 4.4 Functionality: demo_admin with missing role is updated as mitarbeiter or lehrer when running the joinscript: univention-ldapsearch -LLL uid=demo_admin | egrep "dn|ucsschoolRole" dn: uid=demo_admin,cn=mitarbeiter,cn=users,ou=DEMOSCHOOL,dc=wenzel-univention,dc=intranet ucsschoolRole: teacher:school:DEMOSCHOOL ucsschoolRole: school_admin:school:DEMOSCHOOL univention-ldapsearch -LLL uid=demo_admin | egrep "dn|ucsschoolRole" dn: uid=demo_admin,cn=lehrer,cn=users,ou=DEMOSCHOOL,dc=wenzel-univention,dc=intranet ucsschoolRole: teacher:school:DEMOSCHOOL ucsschoolRole: school_admin:school:DEMOSCHOOL I took the liberty to build the package and change the advisory - hope that's OK. [4.4] 4bdc21de6 Bug #53014: change advisory Package: ucs-school-metapackage Version: 12.0.4-15A~4.4.0.202105050929 Branch: ucs_4.4-0 Scope: ucs-school-4.4
set to verified
Errata updates for UCS@school 4.4 v9 have been released. https://docs.software-univention.de/changelog-ucsschool-4.4v9-de.html If this error occurs again, please clone this bug.