Univention Bugzilla – Full Text Bug Listing |
Summary: | Setting nestedGroup property of groups/group breaks with CamelCase LDAP base | ||
---|---|---|---|
Product: | UCS | Reporter: | Arvid Requate <requate> |
Component: | UDM (Generic) | Assignee: | Florian Best <best> |
Status: | CLOSED DUPLICATE | QA Contact: | Stefan Gohmann <gohmann> |
Severity: | normal | ||
Priority: | P5 | CC: | best, gohmann, troeder |
Version: | UCS 4.0 | ||
Target Milestone: | UCS 4.0-x | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: |
Description
Arvid Requate
2015-01-27 13:38:25 CET
Error in example above, here we go again: root@master55:/usr/share/ucs-test# udm groups/group create \ --position cn=groups,dc=FooBar,dc=com --set name=subgroup1 Object created: cn=subgroup1,cn=groups,dc=FooBar,dc=com root@master55:/usr/share/ucs-test# udm-test groups/group modify \ --dn="cn=subgroup1,cn=groups,dc=FooBar,dc=com" \ --set description=bar Object modified: cn=subgroup1,cn=groups,dc=FooBar,dc=com root@master55:/usr/share/ucs-test# udm groups/group modify \ --dn="cn=Domain Admins,cn=groups,dc=FooBar,dc=com" \ --set nestedGroup="cn=subgroup1,cn=groups,dc=FooBar,dc=com" E: object not found Also found via ucs-test cases * 62_udm-groups/05_group_modification_append_nestedGroups * 62_udm-groups/06_group_creation_set_single_letter_name_nestedGroup * 62_udm-groups/08_rename_a_group_which_contains_a_nestedGroup * 62_udm-groups/09_rename_a_nestedGroup * 62_udm-groups/18_group_modification_recursion_set_nestedGroup_to_group_containing_self * 62_udm-groups/23_group_modify_grouptype *** Bug 38088 has been marked as a duplicate of this bug. *** This leads to 96univention-samba4slavepdc.inst breaking, because of E: object not found: DN not found: cn=domain guests,cn=groups,dc=uni,dc=dtr. When trying to create cn=Guests,cn=Builtin,$ldap_base with --append nestedGroup="cn=Domain Guests,cn=groups,$ldap_base". This renders a complete domain almost unusable, because on no further join succeeds. Sidenote: core.schema defines the matching rule 'caseIgnoreIA5Match' for 'dc'. In general DNs are not case insensitive but follow the individual matching rules of the RDN parts. But there are few attributes with exact* matching rules. Unfortunately only the OpenLDAP server code currently implements DN (and attribute) matching properly, so the "proper" solution would be to ask the LDAP-Server (and possibly cache the results per session). Fixed via Bug #43247. I reenabled the test cases. ucs-test (6.0.37-31): r75571 | Bug #37632: Bug #38088: reactivate test cases *** This bug has been marked as a duplicate of bug 43247 *** r75572 | Bug #37632: Bug #38088: reactivate test cases UCS 4.2 merge: ucs-test (7.0.6-38): r75574 | Bug #37632: Bug #38088: reactivate test cases r75573 | Bug #37632: Bug #38088: reactivate test cases OK |