Univention Bugzilla – Full Text Bug Listing |
Summary: | Gruppennamen erkennen | ||
---|---|---|---|
Product: | UCS | Reporter: | Stefan Gohmann <gohmann> |
Component: | AD Connector | Assignee: | Samba maintainers <samba-maintainers> |
Status: | RESOLVED WONTFIX | QA Contact: | |
Severity: | enhancement | ||
Priority: | P5 | CC: | da, ebersbach, oyen, petersen |
Version: | UCS 4.1 | Flags: | oyen:
Patch_Available+
|
Target Milestone: | --- | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | Bug Report | What type of bug is this?: | 2: Improvement: Would be a product improvement |
Who will be affected by this bug?: | 2: Will only affect a few installed domains | How will those affected feel about the bug?: | 3: A User would likely not purchase the product |
User Pain: | 0.069 | Enterprise Customer affected?: | |
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | 2015061021002795 | Bug group (optional): | External feedback, Internationalization |
Max CVSS v3 score: | |||
Bug Depends on: | |||
Bug Blocks: | 35527, 42524 | ||
Attachments: |
Patch-series to implement Well-Known-SID {group,user} name mapping
Patch-series to implement Well-Known-SID {group,user} name mapping (updated) |
Description
Stefan Gohmann
Im S4 Connector durch Bug #28910 behoben. Dies sollte übernommen werden und beim Einrichten des Connectors automatisch gesetzt werden. *** Bug 25904 has been marked as a duplicate of this bug. *** Requested via 2015061021002795 most likely also the cause of the problem mentioned in http://forum.univention.de/viewtopic.php?f=56&t=4560 Created attachment 8368 [details]
Patch-series to implement Well-Known-SID {group,user} name mapping
The attached patch-series implements user/group renaming for the AD-connector
using UCR-variables.
During the initialization of the AD-Connector via UMC (in connector-mode), the
script `well-known-sid-object-rename` is called with the new flag
`--ucr-mapping`. This will scan the AD-LDAP for well-known-sids and create UCR
variables (connector/ad/mapping/{user,group}/table/.*) to store a mapping from
AD-{group,user}-name to OpenLDAP-{group,user}-name. Analogous to the
S4-Connector, the UCR-variables are used for the generation of a `mapping_table`
during the generation of the `mapping.py`.
Note: This implements the name-mapping not only for groups, but also for users.
This patch-series removes the UCR-variables `con.*/ad/mapping/group/language`,
as they are no longer necessary. This must be adapted in the manual.
During the setup of multiple AD-Connectors as described in the `Extended Windows
integration documentation`, `well-known-sid-object-rename --configbasename XXX
--binddn XXX --bindpwd XXX --ucr-mapping` must be called to generate the mapping
UCR-variables.
All ad-connector tests are passing on a UCS DC master 4.1-4 with the
AD-Connector in bidirectional sync-mode against a Windows Server 2012 localized
to german.
Created attachment 8393 [details]
Patch-series to implement Well-Known-SID {group,user} name mapping (updated)
Updated patch-set rebased on current 4.1-4 and with fixed indentation.
Code rebased on 4.2-2 in branch loyen/24923-adconnector-group-rename-422 This issue has been filled against UCS 4.1. The maintenance with bug and security fixes for UCS 4.1 has ended on 5st of April 2018. Customers still on UCS 4.1 are encouraged to update to UCS 4.3. Please contact your partner or Univention for any questions. If this issue still occurs in newer UCS versions, please use "Clone this bug" or simply reopen the issue. In this case please provide detailed information on how this issue is affecting you. |