First Last Prev Next    This bug is not in your last search results.
Bug 53721 - S4-Connector referral handling on DC Slave causes ldap.INSUFFICIENT_ACCESS
S4-Connector referral handling on DC Slave causes ldap.INSUFFICIENT_ACCESS
Status: NEW
Product: UCS
Classification: Unclassified
Component: S4 Connector
UCS 5.0
Other Linux
: P5 normal (vote)
: ---
Assigned To: Samba maintainers
Samba maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-08-30 18:03 CEST by Florian Best
Modified: 2021-09-06 14:09 CEST (History)
0 users

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Florian Best univentionstaff 2021-08-30 18:03:23 CEST 
Some UCS@school upgrade from 4.4 to 5.0 tests causes the following error in the S4-Connector:

https://jenkins.knut.univention.de:8181/job/UCSschool-5.0/job/Upgrade%20Multiserver/Config=s4,TestGroup=base1/ws/test/slave2081/connector-s4.log

29.08.2021 22:45:51.037 LDAP        (PROCESS): sync to ucs:   [          user] [    modify] 'uid=tqjmqfjtrd,cn=f6bx10eosl,cn=users,dc=autotest208,dc=local'
29.08.2021 22:45:51.108 LDAP        (ERROR  ): failed in post_con_modify_functions
29.08.2021 22:45:51.112 LDAP        (ERROR  ): Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/univention/uldap.py", line 812, in modify_ext_s
    rtype, rdata, rmsgid, resp_ctrls = self.lo.modify_ext_s(dn, ml, serverctrls=serverctrls)
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 1253, in modify_ext_s
    return self._apply_method_s(SimpleLDAPObject.modify_ext_s,*args,**kwargs)
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 1197, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 602, in modify_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 749, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 756, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 329, in _ldap_call
    reraise(exc_type, exc_value, exc_traceback)
  File "/usr/lib/python3/dist-packages/ldap/compat.py", line 44, in reraise
    raise exc_value
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 313, in _ldap_call
    result = func(*args,**kwargs)
ldap.REFERRAL: {'desc': 'Referral', 'info': 'Referral:\nldap://master208.autotest208.local:7389/uid=tqjmqfjtrd,cn=f6bx10eosl,cn=users,dc=autotest208,dc=local'}

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/univention/s4connector/__init__.py", line 1478, in sync_to_ucs
    post_ucs_modify_function(self, property_type, object)
  File "/usr/lib/python3/dist-packages/univention/s4connector/s4/password.py", line 822, in password_sync_s4_to_ucs
    s4connector.lo.lo.modify(ucs_object['dn'], modlist)
  File "/usr/lib/python3/dist-packages/univention/uldap.py", line 208, in _decorated
    return func(self, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/univention/uldap.py", line 753, in modify
    self.modify_ext_s(dn, ml, serverctrls=serverctrls, response=response)
  File "/usr/lib/python3/dist-packages/univention/uldap.py", line 208, in _decorated
    return func(self, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/univention/uldap.py", line 817, in modify_ext_s
    rtype, rdata, rmsgid, resp_ctrls = lo_ref.modify_ext_s(dn, ml, serverctrls=serverctrls)
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 1253, in modify_ext_s
    return self._apply_method_s(SimpleLDAPObject.modify_ext_s,*args,**kwargs)
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 1197, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 602, in modify_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 749, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 756, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 329, in _ldap_call
    reraise(exc_type, exc_value, exc_traceback)
  File "/usr/lib/python3/dist-packages/ldap/compat.py", line 44, in reraise
    raise exc_value
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 313, in _ldap_call
    result = func(*args,**kwargs)
ldap.INSUFFICIENT_ACCESS: {'desc': 'Insufficient access'}
Comment 2 Florian Best univentionstaff 2021-09-06 14:09:23 CEST 
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/univention/s4connector/__init__.py", line 1574, in sync_to_ucs
    f(self, property_type, object)
  File "/usr/lib/python2.7/dist-packages/univention/s4connector/s4/password.py", line 861, in password_sync_s4_to_ucs_no_userpassword
    password_sync_s4_to_ucs(s4connector, key, ucs_object, modifyUserPassword=False)
  File "/usr/lib/python2.7/dist-packages/univention/s4connector/s4/password.py", line 853, in password_sync_s4_to_ucs
    s4connector.lo.lo.modify(ucs_object['dn'], modlist)
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 207, in _decorated
    return func(self, *args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 756, in modify
    self.modify_ext_s(dn, ml, serverctrls=serverctrls, response=response)
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 207, in _decorated
    return func(self, *args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 818, in modify_ext_s
    rtype, rdata, rmsgid, resp_ctrls = lo_ref.modify_ext_s(dn, ml, serverctrls=serverctrls)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 987, in modify_ext_s
    return self._apply_method_s(SimpleLDAPObject.modify_ext_s,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 931, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 374, in modify_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
INSUFFICIENT_ACCESS: {'desc': 'Insufficient access'}

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/univention/admin/uldap.py", line 803, in modify
    return self.lo.modify(dn, changes, serverctrls=serverctrls, response=response, rename_callback=rename_callback)
  File "/usr/lib/python3/dist-packages/univention/uldap.py", line 208, in _decorated
    return func(self, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/univention/uldap.py", line 753, in modify
    self.modify_ext_s(dn, ml, serverctrls=serverctrls, response=response)
  File "/usr/lib/python3/dist-packages/univention/uldap.py", line 208, in _decorated
    return func(self, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/univention/uldap.py", line 817, in modify_ext_s
    rtype, rdata, rmsgid, resp_ctrls = lo_ref.modify_ext_s(dn, ml, serverctrls=serverctrls)
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 1253, in modify_ext_s
    return self._apply_method_s(SimpleLDAPObject.modify_ext_s,*args,**kwargs)
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 1197, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 602, in modify_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 749, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 756, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 329, in _ldap_call
    reraise(exc_type, exc_value, exc_traceback)
  File "/usr/lib/python3/dist-packages/ldap/compat.py", line 44, in reraise
    raise exc_value
  File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 313, in _ldap_call
    result = func(*args,**kwargs)
ldap.INSUFFICIENT_ACCESS: {'desc': 'Insufficient access'}
First Last Prev Next    This bug is not in your last search results.