Univention Bugzilla – Bug 54568
policies/umc also applies to computer objects
Last modified: 2022-11-16 18:03:57 CET
UMC policies are also evaluated for computer objects. So UMC should support to display and set them. Patch: diff --git management/univention-directory-manager-modules/modules/univention/admin/handlers/policies/umc.py management/univention-directory-manager-modules/modules/univention/admin/handlers/policies/umc.py index dbb0df122b..33bdf86f60 100644 --- management/univention-directory-manager-modules/modules/univention/admin/handlers/policies/umc.py +++ management/univention-directory-manager-modules/modules/univention/admin/handlers/policies/umc.py @@ -62 +62 @@ policy_oc = 'umcPolicy' -policy_apply_to = ['users/user', 'users/ldap', 'groups/group'] +policy_apply_to = ['users/user', 'users/ldap', 'groups/group', 'computers/domaincontroller_master', 'computers/domaincontroller_backup', 'computers/domaincontroller_slave', 'computers/memberserver']
Reproduce: udm "computers/$(ucr get server/role)" modify --dn "$(ucr get ldap/hostdn)" --policy-reference "cn=default-computers-umc,cn=UMC,cn=policies,$(ucr get ldap/base)" udm "computers/$(ucr get server/role)" list --policies=1 | grep default-computers-umc → UDM CLI shows it: univentionPolicyReference: cn=default-computers-umc,cn=UMC,cn=policies,l=school,l=dev Policy: cn=default-computers-umc,cn=UMC,cn=policies,l=school,l=dev __udm "computers/$(ucr get server/role)" list --policies=1 | grep default-computers-umc curl -s -H 'Accept: application/json' "http://Administrator:univention@localhost/univention/udm/computers/$(ucr get server/role)/$(ucr get ldap/hostdn)" | python -m json.tool | grep -A2 policies/umc → UDM REST API doesn't show it.
UMC policies can now be selected for computer objects which provide a UMC: univention-directory-manager-modules.yaml eeb33193ed3e | feat(udm policies(umc): apply policies/umc also to computer objects univention-directory-manager-modules (15.0.13-20) eeb33193ed3e | feat(udm policies(umc): apply policies/umc also to computer objects
Verified: * Comment 1 * Advisory
<https://errata.software-univention.de/#/?erratum=5.0x489>