Univention Bugzilla – Bug 54185
[5.0] Enable Referential Integrity (refint) ldap overlay for consistency of LDAP references
Last modified: 2021-12-08 17:54:30 CET
+++ This bug was initially created as a clone of Bug #48956 +++ We should enable the refint overlay module: https://www.openldap.org/doc/admin24/overlays.html 12.11. Referential Integrity overlay refint refint_attributes secretary,univentionNetworkLink,… refint_nothing "cn=admin,dc=example,dc=com" When we have this, whenever a modrdn or a remove on a DN is performed the references are updated everywhere! We don't need to handle these things anymore in UDM manually. I think we also have a chance that this works for group memberships. If yes, we can get rid of code like fast_member_remove().
I cherry-picked from Bug #48956. Additionally: univention-ldap (16.0.7-8) cb2b38a0aa27 | Bug #54185: Do not enable refint on updates univention-directory-manager-modules (15.0.11-28) 4660e9fddab4 | Bug #54185: Fix Py3 issues for the refint handling of UDM
AFAICS, the tests passed today. Now I disabled the module via UCR on updates. This should fix the 01_base.52proofuniquemember.master090
Verified: * Code review * Package update * Functional & Performance tests (users/user) * ucr unset ldap/refint; service slapd restart * Functional & Performance tests * Advisories
<https://errata.software-univention.de/#/?erratum=5.0x173> <https://errata.software-univention.de/#/?erratum=5.0x174>