Description Julia Bremer 2024-04-19 10:10:04 CEST

When we added the guardianInheritedRoles to UDM during Bug #57111 to all users and computer objects.
We added them to users/ldap as well, not realizing, that those users have no group property.
While creation is succesful, when trying to modify the user in the "LDAP directory" UMC module it fails with this traceback:

Internal server error during "udm/get (navigation)".
Request: udm/get (navigation)

Traceback (most recent call last):
  File "%PY3%/univention/management/console/modules/decorators.py", line 259, in _run
    result = self._function(*args, **kwargs)  # type: Union[BaseException, _T]
  File "%PY3%/univention/management/console/modules/udm/__init__.py", line 496, in get
    return self._get(request)
  File "%PY3%/univention/management/console/modules/udm/__init__.py", line 553, in _get
    prop.lazy_load(obj)
  File "%PY3%/univention/admin/__init__.py", line 398, in lazy_load
    getattr(obj, self.lazy_loading_fn)()
  File "%PY3%/univention/admin/guardian_roles.py", line 141, in open_guardian
    self.info['guardianInheritedRoles'] = load_roles(self.lo, self['groups'] + [self['primaryGroup']])
  File "%PY3%/univention/admin/handlers/__init__.py", line 525, in __getitem__
    elif key not in self.__no_default and self.descriptions[key].editable:
KeyError: 'groups'


The guardianInheritedRoles are only fetched when using the UMC. UDM create, modify etc. works as expected. 
We need to remove the guardianInheritedRoles attribute from users/ldap. 
I think they still need guardianRoles though.