Univention Bugzilla – Bug 53278
S4-Connector: delete_in_s4: Refusing to delete $DN, as it is still the primaryGroupID for 1 users
Last modified: 2021-09-06 12:42:11 CEST
During our Jenkins Tests: 26 times in /var/log/univention/connector-s4.log: https://jenkins.knut.univention.de:8181/job/UCS-5.0/job/UCS-5.0-0/job/AutotestJoin/SambaVersion=s4,Systemrolle=master/ws/test/connector-s4.log Traceback (most recent call last): File "/usr/lib/python3/dist-packages/univention/s4connector/__init__.py", line 822, in __sync_file_from_ucs if not self.sync_from_ucs(key, mapped_object, pre_mapped_ucs_dn, old_dn, old, new): File "/usr/lib/python3/dist-packages/univention/s4connector/s4/__init__.py", line 2340, in sync_from_ucs self.delete_in_s4(object, property_type) File "/usr/lib/python3/dist-packages/univention/s4connector/s4/__init__.py", line 2370, in delete_in_s4 self.lo_s4.lo.delete_s(object['dn']) File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 558, in delete_s return self.delete_ext_s(dn,None,None) File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 551, in delete_ext_s resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout) File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 749, in result3 resp_ctrl_classes=resp_ctrl_classes File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 756, in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 329, in _ldap_call reraise(exc_type, exc_value, exc_traceback) File "/usr/lib/python3/dist-packages/ldap/compat.py", line 44, in reraise raise exc_value File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 313, in _ldap_call result = func(*args,**kwargs) ldap.ALREADY_EXISTS: {'desc': 'Already exists', 'info': '00002071: Refusing to delete CN=v2ifov8vpj,CN=Groups,DC=autotest091,DC=local, as it is still the primaryGroupID for 1 users'}
Happens also daily in UCS@school during the Jenkins tests: 29.08.2021 22:03:29.026 LDAP (WARNING): delete subobject: 'cn=domain users testou9305,cn=groups,ou=testou9305,dc=autotest201,dc=local' 29.08.2021 22:03:29.027 LDAP (PROCESS): sync from ucs: [ group] [ delete] CN=Domain Users testou9305,CN=groups,OU=testou9305,DC=autotest201,DC=local 29.08.2021 22:03:29.037 LDAP (WARNING): sync failed, saved as rejected /var/lib/univention-connector/s4/1630267371.958809 29.08.2021 22:03:29.038 LDAP (WARNING): Traceback (most recent call last): File "/usr/lib/python3/dist-packages/univention/s4connector/s4/__init__.py", line 2370, in delete_in_s4 self.lo_s4.lo.delete_s(object['dn']) File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 558, in delete_s return self.delete_ext_s(dn,None,None) File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 551, in delete_ext_s resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout) File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 749, in result3 resp_ctrl_classes=resp_ctrl_classes File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 756, in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 329, in _ldap_call reraise(exc_type, exc_value, exc_traceback) File "/usr/lib/python3/dist-packages/ldap/compat.py", line 44, in reraise raise exc_value File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 313, in _ldap_call result = func(*args,**kwargs) ldap.NOT_ALLOWED_ON_NONLEAF: {'desc': 'Operation not allowed on non-leaf', 'info': '00002015: subtree_delete: Unable to delete a non-leaf node (it has 2 children)!'} During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/univention/s4connector/__init__.py", line 822, in __sync_file_from_ucs if not self.sync_from_ucs(key, mapped_object, pre_mapped_ucs_dn, old_dn, old, new): File "/usr/lib/python3/dist-packages/univention/s4connector/s4/__init__.py", line 2340, in sync_from_ucs self.delete_in_s4(object, property_type) File "/usr/lib/python3/dist-packages/univention/s4connector/s4/__init__.py", line 2375, in delete_in_s4 if self._remove_subtree_in_s4(object, property_type): File "/usr/lib/python3/dist-packages/univention/s4connector/s4/__init__.py", line 2408, in _remove_subtree_in_s4 if not self.sync_from_ucs(key, subobject_s4, back_mapped_subobject['dn']): File "/usr/lib/python3/dist-packages/univention/s4connector/s4/__init__.py", line 2340, in sync_from_ucs self.delete_in_s4(object, property_type) File "/usr/lib/python3/dist-packages/univention/s4connector/s4/__init__.py", line 2370, in delete_in_s4 self.lo_s4.lo.delete_s(object['dn']) File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 558, in delete_s return self.delete_ext_s(dn,None,None) File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 551, in delete_ext_s resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout) File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 749, in result3 resp_ctrl_classes=resp_ctrl_classes File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 756, in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 329, in _ldap_call reraise(exc_type, exc_value, exc_traceback) File "/usr/lib/python3/dist-packages/ldap/compat.py", line 44, in reraise raise exc_value File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 313, in _ldap_call result = func(*args,**kwargs) ldap.ALREADY_EXISTS: {'desc': 'Already exists', 'info': '00002071: Refusing to delete CN=Domain Users testou9305,CN=groups,OU=testou9305,DC=autotest201,DC=local, as it is still the primaryGroupID for 2 users'}
https://jenkins.knut.univention.de:8181/job/UCSschool-5.0/job/Install%20Singleserver/Config=s4,TestGroup=base1,UCSRelease=public/ws/test/connector-s4.log Traceback (most recent call last): File "/usr/lib/python3/dist-packages/univention/s4connector/__init__.py", line 822, in __sync_file_from_ucs if not self.sync_from_ucs(key, mapped_object, pre_mapped_ucs_dn, old_dn, old, new): File "/usr/lib/python3/dist-packages/univention/s4connector/s4/__init__.py", line 2331, in sync_from_ucs post_con_modify_function(self, property_type, object) File "/usr/lib/python3/dist-packages/univention/s4connector/s4/__init__.py", line 71, in group_members_sync_from_ucs return connector.group_members_sync_from_ucs(key, object) File "/usr/lib/python3/dist-packages/univention/s4connector/s4/__init__.py", line 1413, in group_members_sync_from_ucs self.lo_s4.lo.modify_s(object['dn'], [(ldap.MOD_REPLACE, 'member', [x.encode('UTF-8') for x in s4_members])]) File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 629, in modify_s return self.modify_ext_s(dn,modlist,None,None) File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 602, in modify_ext_s resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout) File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 749, in result3 resp_ctrl_classes=resp_ctrl_classes File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 756, in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 329, in _ldap_call reraise(exc_type, exc_value, exc_traceback) File "/usr/lib/python3/dist-packages/ldap/compat.py", line 44, in reraise raise exc_value File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 313, in _ldap_call result = func(*args,**kwargs) ldap.ALREADY_EXISTS: {'desc': 'Already exists', 'info': '00002071: samldb: member CN=X8nr0jwyn3e,OU=ôdm*@*\\3Dôâ0,DC=autotest201,DC=local already set via primaryGroupID 513'}