First Last Prev Next    This bug is not in your last search results.
Bug 54185 - [5.0] Enable Referential Integrity (refint) ldap overlay for consistency of LDAP references
[5.0] Enable Referential Integrity (refint) ldap overlay for consistency of L...
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: LDAP
UCS 5.0
Other Linux
: P5 normal (vote)
: UCS 5.0-0-errata
Assigned To: Dirk Wiesenthal
Arvid Requate
:
Depends on:
Blocks: 48956
  Show dependency treegraph
 
Reported: 2021-12-02 22:12 CET by Dirk Wiesenthal
Modified: 2021-12-08 17:54 CET (History)
6 users (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): Cleanup, Error handling, Troubleshooting, UCS Performance, Usability
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Dirk Wiesenthal univentionstaff 2021-12-02 22:12:54 CET 
+++ This bug was initially created as a clone of Bug #48956 +++

We should enable the refint overlay module:

https://www.openldap.org/doc/admin24/overlays.html

12.11. Referential Integrity

       overlay refint
       refint_attributes secretary,univentionNetworkLink,…
       refint_nothing "cn=admin,dc=example,dc=com"

When we have this, whenever a modrdn or a remove on a DN is performed the references are updated everywhere!

We don't need to handle these things anymore in UDM manually.
I think we also have a chance that this works for group memberships. If yes, we can get rid of code like fast_member_remove().
Comment 1 Dirk Wiesenthal univentionstaff 2021-12-07 11:06:41 CET 
I cherry-picked from Bug #48956. Additionally:

univention-ldap (16.0.7-8)
cb2b38a0aa27 | Bug #54185: Do not enable refint on updates

univention-directory-manager-modules (15.0.11-28)
4660e9fddab4 | Bug #54185: Fix Py3 issues for the refint handling of UDM
Comment 2 Dirk Wiesenthal univentionstaff 2021-12-07 11:08:01 CET 
AFAICS, the tests passed today. Now I disabled the module via UCR on updates. This should fix the 01_base.52proofuniquemember.master090
Comment 3 Arvid Requate univentionstaff 2021-12-08 15:24:48 CET 
Verified:
* Code review
* Package update
* Functional & Performance tests (users/user)
* ucr unset ldap/refint; service slapd restart
* Functional & Performance tests
* Advisories
First Last Prev Next    This bug is not in your last search results.