Univention Bugzilla – Bug 53455
Add diagnostic check for LDAP schema (slapschema)
Last modified: 2022-04-29 16:26:10 CEST
Recently we had a support case in a project where a trivial udm modify aborted with LDAP Error: Undefined attribute type: entry update failed In that case slapschema reported an attribute (characteristic: uppercase) found in the OpenLDAP backend data that was not defined in the LDAP schema. Specifically it was an operational attribute from slapo-lastbind that had been active temporarily for some experiment in that environment. IIRC the slapschema output was something like this: 54f0829b UNKNOWN attributeDescription “AUTHTIMESTAMP” inserted. With sufficient slapd debug level the string "UNKNOWN" stuck out in the syslog.
New plugin developed to diagnose if there is missing LDAP schemas refereed by an existing object. Added test file or the plugin. univention-management-console-module-diagnostic.yaml fd15f3f115d3 | Bug #53455: update YAML for univention management console module diagnostic 73b09084ea1c | Bug #53455: updated changelog and advisory univention-management-console-module-diagnostic (6.0.0-26) 73b09084ea1c | Bug #53455: updated changelog and advisory univention-management-console-module-diagnostic (6.0.0-25) 21cc6090c343 | Bug #53455: Diagnostic tool for missing schemas ucs-test (10.0.6-101) 95b4c0ec4f50 | Bug #53455: Added test case for the diagnostic tool
Verified: * Code review * Package update * Functional test * ucs-test Testcase * Advisory
<https://errata.software-univention.de/#/?erratum=5.0x285>