First Last Prev Next    This bug is not in your last search results.
Bug 54487 - [4.4] memberUid is missing after updating group users with the same uid
[4.4] memberUid is missing after updating group users with the same uid
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: UDM (Generic)
UCS 4.4
Other Linux
: P5 normal (vote)
: UCS 4.4-8-errata
Assigned To: Arvid Requate
Julia Bremer
https://git.knut.univention.de/univen...
:
Depends on: 54297
Blocks:
  Show dependency treegraph
 
Reported: 2022-02-24 10:18 CET by Julia Bremer
Modified: 2022-03-09 13:25 CET (History)
6 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?: 2: Will only affect a few installed domains
How will those affected feel about the bug?: 3: A User would likely not purchase the product
User Pain: 0.171
Enterprise Customer affected?: Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): bitesize
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Julia Bremer univentionstaff 2022-02-24 10:18:15 CET 
The customer who had this problem needs this fixed for UCS 4.4


+++ This bug was initially created as a clone of Bug #54297 +++

The customer has the Cool Solution user-group-sync at work which synchronizes two domains via serializing users & groups from the source system and modifying them via UDM at the destination system.
If a user is moved his uid remains the same, but the DN changes. While updating its groups, the uniqueMember is updated, but the memberUid value is missing afterwards.

The same can be achieved by changing the DN of a user currently in a group:

$ udm groups/group create --position cn=groups,dc=test,dc=de --set name=testgroup --set users=uid=testuser,cn=users,dc=test,dc=de
Object created: cn=testgroup,cn=groups,dc=test,dc=de
$ univention-ldapsearch -LLL cn=testgroup uniqueMember memberUid
dn: cn=testgroup,cn=groups,dc=test,dc=de
memberUid: testuser
uniqueMember: uid=testuser,cn=users,dc=local,dc=test,dc=de
$ udm groups/group modify --dn cn=testgroup,cn=groups,dc=test,dc=de --set users=uid=testuser,cn=Employees,cn=users,dc=test,dc=de
$ univention-ldapsearch -LLL cn=testgroup uniqueMember memberUid
dn: cn=testgroup,cn=groups,dc=test,dc=de
uniqueMember: uid=testuser,cn=Employees,cn=users,dc=local,dc=test,dc=de

Therefore the memberUid should remain untouched instead of being removed.
Comment 1 Arvid Requate univentionstaff 2022-03-07 10:15:19 CET 
65383766b1 | memberUid attribute missing when update uniquemember on LDAP group
d6061e6e4a | ucs test validation for uniquemember modification attribute
7b0091c13f | Advisory update

ucs-test was adjusted too, so we should announce that too.
Comment 2 Julia Bremer univentionstaff 2022-03-08 18:09:37 CET 
Tests successful: OK
Manual test: OK
Packages built: OK
Yaml: OK
Verified
First Last Prev Next    This bug is not in your last search results.