Bug 34451

Summary: Import new license fails on DC Backup
Product: UCS Reporter: Dirk Wiesenthal <wiesenthal>
Component: UMC (Generic)Assignee: UMC maintainers <umc-maintainers>
Status: RESOLVED DUPLICATE QA Contact:
Severity: normal    
Priority: P5 CC: best, galkin, gohmann, klaeser, steuwer
Version: UCS 3.2Flags: best: Patch_Available+
Target Milestone: UCS 3.x   
Hardware: Other   
OS: Linux   
See Also: https://forge.univention.org/bugzilla/show_bug.cgi?id=39675
What kind of report is it?: --- What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:
Attachments: patch

Description Dirk Wiesenthal univentionstaff 2014-04-03 14:08:19 CEST 
With error message: No write access to parent. The test whether this list item is shown is simply this.getModule('udm'). Apperently, this is not strict enough.
Comment 1 Dirk Wiesenthal univentionstaff 2014-04-03 14:11:05 CEST 
Or the LDAP Connection used for writing the license in LDAP is not initiated correctly... In this case it is a bug against UDM.
Comment 2 Alexander Kläser univentionstaff 2014-04-04 11:09:36 CEST 
The license is imported via the class umc.modules.udm.tools.LicenseImport. LicenseImport.write() builds up a connection against the localhost LDAP server (explicitely "localhost"), however, the correct LDAP server should be read from UCR variables (should be the master).
Comment 3 Stefan Gohmann univentionstaff 2014-04-04 11:15:34 CEST 
(In reply to Alexander Kläser from comment #2)
> The license is imported via the class umc.modules.udm.tools.LicenseImport.
> LicenseImport.write() builds up a connection against the localhost LDAP
> server (explicitely "localhost"), however, the correct LDAP server should be
> read from UCR variables (should be the master).

Does it use uldap.py? If so, it could use follow_referral=True.
Comment 4 Alexander Kläser univentionstaff 2014-04-04 11:17:02 CEST 
(In reply to Stefan Gohmann from comment #3)
> Does it use uldap.py? If so, it could use follow_referral=True.

No, I quote from the source code:

> …
> ldap_con = ldap.open( "localhost", port = int( ucr.get( 'ldap/server/port', 7389 ) ) )
> ldap_con.simple_bind_s( user_dn, passwd )
> …
Comment 5 Florian Best univentionstaff 2015-01-09 15:16:38 CET 
Would it break something to change it using univention.admin.uldap.getMachineConnection(follow_referral=True/user_master=True) ?
Comment 6 Florian Best univentionstaff 2015-01-12 12:52:31 CET 
Created attachment 6591 [details]
patch

use univention.uldap with a connection from the current user to the LDAP master.
Comment 7 Florian Best univentionstaff 2015-11-17 22:53:01 CET 
Fixed along with Bug #39675.

*** This bug has been marked as a duplicate of bug 39675 ***
Comment 8 Florian Best univentionstaff 2015-11-20 11:48:25 CET 
*** Bug 29592 has been marked as a duplicate of this bug. ***