First Last Prev Next    This bug is not in your last search results.
Bug 54041 - Connector stops working after joining in an AD forest domain
Connector stops working after joining in an AD forest domain
Status: RESOLVED DUPLICATE of bug 53944
Product: UCS
Classification: Unclassified
Component: AD Connector
UCS 4.4
Other Linux
: P5 normal (vote)
: ---
Assigned To: Arvid Requate
Julia Bremer
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-11-09 12:42 CET by Christina Scheinig
Modified: 2023-11-02 17:48 CET (History)
3 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 4: Minor Usability: Impairs usability in secondary scenarios
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 3: A User would likely not purchase the product
User Pain: 0.069
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number: 2021100421000225
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Christina Scheinig univentionstaff 2021-11-09 12:42:44 CET 
As we tested in Bug 53944, the problem in UCS 4.4-8 is quite similar, but the problem occurs after the join to an AD Forest Domain.

The connector is not starting anymore:
Tue Nov  9 12:17:47 2021
Failed to lookup attribute Schema from AD: {'info': "0000208D: NameErr: DSID-03100241, problem 2001 (NO_OBJECT), data 0, best match of:\n\t'DC=beam,DC=example,DC=org'\n", 'matched': 'DC=beam,DC=example,DC=org', 'desc': 'No such object'}

In the testenvironment the namingContext is now

## Subdomain:

root@primary20:~# ldbsearch -H ldap://10.200.43.118 -b '' \
                  -U Administrator%Univention.1  -s base namingContexts 
# record 1
dn: 
namingContexts: CN=Configuration,DC=example,DC=org
namingContexts: CN=Schema,CN=Configuration,DC=example,DC=org
namingContexts: DC=ForestDnsZones,DC=example,DC=org
namingContexts: DC=subdomain,DC=example,DC=org
namingContexts: DC=DomainDnsZones,DC=beam,DC=example,DC=org


## vs forest root:

root@primary20:~# ldbsearch -H ldap://10.200.43.114 -b '' \
                  -U Administrator%Univention.1  -s base namingContexts 
# record 1
dn: 
namingContexts: DC=example,DC=org
namingContexts: CN=Configuration,DC=example,DC=org
namingContexts: CN=Schema,CN=Configuration,DC=example,DC=org
namingContexts: DC=DomainDnsZones,DC=example,DC=org
namingContexts: DC=ForestDnsZones,DC=example,DC=org

---------------
I guess the connector does the following:

ldbsearch -H ldap://10.200.43.118 -b 'CN=Schema,CN=Configuration,DC=beam,DC=example,DC=org' -U Administrator%Univention.1

search error - LDAP error 32 LDAP_NO_SUCH_OBJECT - DC=beam,DC=example,DC=org <0000208D: NameErr: DSID-03100241, problem 2001 (NO_OBJECT), data 0, best match of:
        'DC=beam,DC=example,DC=org'

instead of

ldbsearch -H ldap://10.200.43.118 -b 'CN=Schema,CN=Configuration,DC=example,DC=org' -U Administrator%Univention.1

which works.
Comment 1 Arvid Requate univentionstaff 2023-11-02 17:48:05 CET 
As far as I understand this, when it comes to UCS 5.0-x this should be fixed with the change for Bug 53944.

*** This bug has been marked as a duplicate of bug 53944 ***
First Last Prev Next    This bug is not in your last search results.