Univention Bugzilla – Full Text Bug Listing |
Summary: | Some object classes in extended attributes raise "invalid structural object class chain" | ||
---|---|---|---|
Product: | UCS | Reporter: | ch <C.Herrmann> |
Component: | UDM - Extended Attributes | Assignee: | Florian Best <best> |
Status: | CLOSED FIXED | QA Contact: | Arvid Requate <requate> |
Severity: | normal | ||
Priority: | P5 | CC: | andree.hingst, best, gohmann, grandjean, klaeser, stephan.hendl, walkenhorst |
Version: | UCS 3.2 | ||
Target Milestone: | UCS 4.0-0-errata | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://forge.univention.org/bugzilla/show_bug.cgi?id=51364 | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | External feedback, Usability | |
Max CVSS v3 score: |
Description
ch
2014-09-02 14:13:57 CEST
Ticket#: 2014091621000219 Customer reportet this when adding an EA for "ou" (organizationalPerson) to the usertemplate module. If I understand correctly: You want to create a user template which adds the object class organizationalPerson/inetOrgPerson to the user which will be created by that template? Then this approach is wrong. You would have to create that extended attribute for a user (not for a user template). And then a user template have to be created which sets a value for the extended attribute. (which is currently not possible). I'll check in a few days if this is possible using 2 extended attributes. A LDAP schema extension is required which adds a auxiliary object class with the wanted attributes as "MAY". The following example works: objectclass ( 2.16.840.1.113730.3.2.2123456789 NAME 'univentionInetOrgPerson' DESC 'Auxiliary object class which allows to use inetOrgPersion attributes in user templates' AUXILIARY MAY ( audio $ businessCategory $ carLicense $ departmentNumber $ displayName $ employeeNumber $ employeeType $ givenName $ homePhone $ homePostalAddress $ initials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ pager $ photo $ roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIdentifier $ preferredLanguage $ userSMIMECertificate $ userPKCS12 ) ) The following extended attribute adds 'carLicense' to Users and User templates: dn: cn=template,cn=custom attributes,cn=univention,dc=ldap,dc=base cn: template univentionObjectType: settings/extended_attribute univentionUDMPropertyLdapMapping: carLicense univentionUDMPropertyValueMayChange: 1 univentionUDMPropertyObjectClass: univentionInetOrgPerson univentionUDMPropertyModule: settings/usertemplate univentionUDMPropertyModule: users/user univentionUDMPropertyShortDescription: carLicense univentionUDMPropertyCLIName: carLicense objectClass: top objectClass: univentionUDMProperty objectClass: univentionObject univentionUDMPropertyLayoutDisable: 0 univentionUDMPropertyDoNotSearch: 0 univentionUDMPropertyMultivalue: 0 univentionUDMPropertyVersion: 2 univentionUDMPropertyValueRequired: 0 univentionUDMPropertyLayoutFullWidth: 0 univentionUDMPropertyDeleteObjectClass: 0 univentionUDMPropertyLayoutTabAdvanced: 0 univentionUDMPropertyLayoutOverwriteTab: 0 univentionUDMPropertyValueNotEditable: 0 @Stefan: We could also add all attributes from inetOrgPerson and parent object classes into the univentionUserTemplate schemata. The schema for univentionUserTemplate has been adapted to include all attributes from person, organizationalPerson and inetOrgPerson. To add the attribute carLicense to User and UserTemplate two extended attributes with the same "UDM CLI name" have to be created: 1. Modules=User, LDAP object class=inetOrgPerson, LDAP attribute=carLicense 2. Modules="Settings: User Template", LDAP object class=univentionUserTemplate, LDAP attribute=carLicense Fix: svn r57312 r57313 Package: univention-ldap Version: 11.0.11-2.731.201501141228 Branch: ucs_4.0-0 Scope: errata4.0-0 YAML: 2015-01-14-univention-ldap.yaml Ok, all attributes from inetOrgPerson, organizationalPerson and person are now allowed for univentionUserTemplate as well. Functional test: Ok Advisory: Ok |