Bug 35572

Summary: guess_ad_domain_language() is broken
Product: UCS Reporter: Felix Botner <botner>
Component: AD ConnectorAssignee: Stefan Gohmann <gohmann>
Status: CLOSED FIXED QA Contact: Felix Botner <botner>
Severity: normal    
Priority: P5 CC: gohmann, walkenhorst
Version: UCS 3.2   
Target Milestone: UCS 3.2-3-errata   
Hardware: Other   
OS: Linux   
What kind of report is it?: --- What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:

Description Felix Botner univentionstaff 2014-08-05 14:15:31 CEST 
After ad connector configuration with a english ad i have 

 connector/ad/mapping/group/language=de

guess_ad_domain_language() runs adsearch on 'cn=Domänen-Admins' and checks the return value (== 0 -> de, else -> en). But the univention-adsearch tool always returns 0 even if the filter does not match.

-> univention-adsearch cn=sadsa;echo $?
#
# univention-adsearch
# filter: cn=sadsa
#

#
# results: 0
#

0

Maybe adsearch() has to filter the output (grep DN:)?

After this, i have two "domain users", "domain guest", ... groups in my ad (sync mode) and rejects.

-> univention-connector-list-rejected 

        UCS rejected

    1:   UCS DN: cn=Domain Guests,cn=groups,dc=w2k8r2en,dc=test
          AD DN: cn=domain guests,cn=users,dc=w2k8r2en,dc=test
         Filename: /var/lib/univention-connector/ad/1407240130.637801

    2:   UCS DN: cn=Domain Users,cn=groups,dc=w2k8r2en,dc=test
          AD DN: cn=domain users,cn=users,dc=w2k8r2en,dc=test
         Filename: /var/lib/univention-connector/ad/1407240133.067947

    3:   UCS DN: cn=Domain Users,cn=groups,dc=w2k8r2en,dc=test
          AD DN: cn=domain users,cn=users,dc=w2k8r2en,dc=test
         Filename: /var/lib/univention-connector/ad/1407240267.797758

    4:   UCS DN: cn=Domain Users,cn=groups,dc=w2k8r2en,dc=test
          AD DN: cn=domain users,cn=users,dc=w2k8r2en,dc=test
         Filename: /var/lib/univention-connector/ad/1407240339.504276


AD rejected
Comment 1 Felix Botner univentionstaff 2014-08-05 14:17:28 CEST 
After 

 ucr set connector/ad/mapping/group/language='en'

the rejects are gone.
Comment 2 Stefan Gohmann univentionstaff 2014-09-02 10:44:10 CEST 
I've fixed the function guess_ad_domain_language(). The function is also called at a later point otherwise the SSL configuration is not ready.
UCS 3.2-3: r53229
UCS 4.0: r53230
YAML: r53231
Comment 3 Felix Botner univentionstaff 2014-09-02 17:34:05 CEST 
OK - AD conn with german AD
OK - AD conn with english AD

OK - YAML
OK - UCS 4.0
Comment 4 Janek Walkenhorst univentionstaff 2014-09-10 17:33:22 CEST 
http://errata.univention.de/ucs/3.2/186.html