Bug 38075

Summary: kerberos/kdcentry created without univentionObjectType
Product: UCS Reporter: Florian Best <best>
Component: UDM (Generic)Assignee: UMC maintainers <umc-maintainers>
Status: CLOSED WONTFIX QA Contact:
Severity: normal    
Priority: P5 CC: gohmann
Version: UCS 4.0   
Target Milestone: ---   
Hardware: Other   
OS: Linux   
What kind of report is it?: --- What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional): Cleanup
Max CVSS v3 score:
Bug Depends on: 38073    
Bug Blocks:    

Description Florian Best univentionstaff 2015-03-18 13:32:02 CET 
Same goes for some default kerberos/kdcentry objects.

dn: krb5PrincipalName=krbtgt/FQ.DN@FQ.DN,cn=kerberos,$ldap_base
dn: krb5PrincipalName=kadmin/changepw@FQ.DN,cn=kerberos,$ldap_base
dn: krb5PrincipalName=kadmin/admin@FQ.DN,cn=kerberos,$ldap_base
dn: krb5PrincipalName=changepw/kerberos@FQ.DN,cn=kerberos,$ldap_base
dn: krb5PrincipalName=kadmin/hprop@FQ.DN,cn=kerberos,$ldap_base
dn: krb5PrincipalName=WELLKNOWN/ANONYMOUS@FQ.DN,cn=kerberos,$ldap_base
dn: krb5PrincipalName=WELLKNOWN/org.h5l.fast-cookie@WELLKNOWN:ORG.H5L,cn=kerberos,$ldap_base

Don't know if we should adapt that. WONTFIX?

+++ This bug was initially created as a clone of Bug #38073 +++

If a DHCP host or DNS alias is created by modifying/adding the entry at a computer object no univentionObjectType attribute is added. When using the regular DNS/DHCP module it is.
The created DHCP objects e.g. only have the objectClass univentionDhcpHost which is also used by the identify() method but this maybe fail if in some rare cases UMC-UDM identifies objects by their univentionObjectType attribute which then does not exists.

Attached patch fixes this for newly created objects.
Comment 1 Florian Best univentionstaff 2015-03-18 13:35:33 CET 
lookup() and identify() methods are fine.
Comment 2 Stefan Gohmann univentionstaff 2015-03-31 11:06:00 CEST 
univentionObjectType is only for performance optimization. We have to modify the Kerberos server because theses objects are directly created via Heimdal.
Comment 3 Florian Best univentionstaff 2015-04-08 09:38:38 CEST 
Okay ;)