Univention Bugzilla – Bug 56172
Object copy fails if extended attributes for operational LDAP attributes are defined - bug in "copyable" flag?
Last modified: 2023-06-20 14:26:24 CEST
Orginal bug report: https://help.univention.com/t/when-was-an-ldap-object-created-or-modified-display-ldap-operational-attributes-in-extended-attributes/20968/6?u=steuwer To reproduce I created the 4 Extended Attributes for groups and users and tried to copy a group using UMC. I also had the error message "Das LDAP-Objekt konnte nicht gespeichert werden: LDAP-Fehler: Constraint violation: createTimestamp: no user modification allowed." The same error occures if I want to copy a user object. I assume that UDM tries to write something in the "createTimestamp" LDAP attribute, which is not allowed. Looking at the documentation I think not setting the "copyable" flag should prevent such a behaviour, but that is not the case here (the value is "None"). Full definition of the Extended Attribute: DN: cn=createTimestamp,cn=custom attributes,cn=univention,[LDAP BASE] CLIName: createTimestamp copyable: None default: None deleteObjectClass: None disableUDMWeb: None doNotSearch: None fullWidth: None groupName: object creation groupPosition: 1 hook: None ldapMapping: createTimestamp longDescription: Database timestamp of the LDAP object creation, typically UTC mayChange: None module: users/user module: groups/group multivalue: None name: createTimestamp notEditable: 0 objectClass: top overwritePosition: None overwriteTab: None shortDescription: timestamp of object creation syntax: string tabAdvanced: None tabName: LDAP details tabPosition: 1 translationGroupName: de_DE: Objekterstellung translationLongDescription: de_DE: Zeitpunkt der Erstellung des LDAP Objekts, typischer Weise UTC translationShortDescription: de_DE: Zeitstempel der Objekterstellung translationTabName: de_DE: LDAP Details valueRequired: None version: 2
This might also be the root cause of Bug #55670