Univention Bugzilla – Bug 53705
msgpo.py script for msgpo synchronization does not work on school-replicas
Last modified: 2021-09-01 17:07:11 CEST
Bug #52043 Commit c5b61155c43dd89540b139638580010a30f6a312 removed the option of the script services/univention-s4-connector/scripts/msgpo.py to define a binddn and a bindpwd for LDAP credentials. Instead it uses the machine account, which is fine on primaries and backups, but not on school-replicas where the s4-connector is installed. The script is called in the joinscript 97univention-s4-connector.inst.
The script can be used with binddn and bindpwdfile again and is used like that in 97univention-s4-connector.inst. If no credentials are given, the machine secret is given. If this is not sufficient, an error is logged. univention-s4-connector Version: 14.0.7-3A~5.0.0.202108252057 ucs-test Version: 10.0.6-29A~5.0.0.202108252052 a56bfc9318 Bug #53705: Add option binddn and bindpwdfile to msgpo.py tool ucs-test-ucsschool Version: 7.0.4A~5.0.0.202108252114: f68bb9442 Bug #53705: Use Domain Admin credentials for msgpo.py script bc69050b0b Bug #53705: yaml Todo: Waiting for test result
91c_samba4_gpo_link_replication was successful but 91b_samba4_gpc_two_way_replication failed for the first time today. Investigating
91b_samba4_gpc_two_way_replication fails while trying to create a gpo on the primary server via samba-tool. I think its failure is not related, as it failed before with the same error. Setting this to resolved fixed, but I'll reopen if the test continues to fail.
OK: fix OK: YAML
<https://errata.software-univention.de/#/?erratum=5.0x78>