First Last Prev Next    This bug is not in your last search results.
Bug 54781 - univention-adsearch broken for environments with multiple "custom" AD-Connectors
univention-adsearch broken for environments with multiple "custom" AD-Connectors
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: AD Connector
UCS 5.0
Other Linux
: P5 normal (vote)
: UCS 5.0-2-errata
Assigned To: Arvid Requate
Johannes Lohmer
https://git.knut.univention.de/univen...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-05-20 14:38 CEST by Arvid Requate
Modified: 2023-02-01 17:24 CET (History)
2 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?: 2: Will only affect a few installed domains
How will those affected feel about the bug?: 5: Blocking further progress on the daily work
User Pain: 0.286
Enterprise Customer affected?: Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number: 2022042821000388
Bug group (optional): bitesize
Max CVSS v3 score:
requate: Patch_Available+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2022-05-20 14:38:43 CEST 
root@ucsbackup:~# univention-adsearch -c connector-tue samaccountname=stark
/usr/sbin/univention-adsearch: line 97: connector-tue_ad_ldap_binddn: invalid variable name
/usr/sbin/univention-adsearch: line 107: connector-tue_ad_ldap_host: invalid variable name
/usr/sbin/univention-adsearch: line 108: connector-tue_ad_ldap_port: invalid variable name
/usr/sbin/univention-adsearch: line 109: connector-tue_ad_ldap_base: invalid variable name
Failed to connect to ldap URL 'ldap://' - LDAP client internal error: NT_STATUS_INVALID_PARAMETER
Failed to connect to 'ldap://' with backend 'ldap': LDAP client internal error: NT_STATUS_INVALID_PARAMETER
Failed to connect to ldap:// - LDAP client internal error: NT_STATUS_INVALID_PARAMETER
Comment 1 Arvid Requate univentionstaff 2022-05-20 14:43:22 CEST 
See URL above for a proposal for a fix that worked in the customer environment.
Comment 2 Christina Scheinig univentionstaff 2022-10-06 08:59:48 CEST 
We fixed Bug 54780 for the customer, but the major problem is still, that the customer (Partner) is not able to upgrade the environments. The connectors are not working anymore.
Comment 3 Arvid Requate univentionstaff 2023-01-27 11:34:15 CET 
b759ef7cd6 | Fix univention-adsearch for multi-connector setups
52ececd37f | cleanup: fix warning about deprecated option
09c7a9216b | Advisory update

Package: univention-ad-connector
Version: 14.0.10-8A~5.0.0.202301271123
Branch: ucs_5.0-0
Scope: errata5.0-2
Comment 4 Johannes Lohmer univentionstaff 2023-01-30 14:13:20 CET 
The Script imports the relevant UCR variable via shell environment variables.

As it is not the convention to use anythin but uppercase letters or `_` in environment variables.

This merge request fixes the described issue by substituting `-` with `_` in the env variable evaluation.

Other special characters like `?` `,` `!` will still cause problems.
We should add a check to the prepare-new-instance script to reject connector names with special characters.

OK: Code
OK: Changelog
OK: Yaml
OK: Package Built
OK: Bug Fixed

Reproduced with Version: 14.0.10-1A~5.0.0.202206231934 
Nev Version: 14.0.10-8A~5.0.0.202301271123 fixed the specific bug but not the underlying fragility regarding special characters in ucr variables.
First Last Prev Next    This bug is not in your last search results.