Bug 40234

Summary: Re-creating a user at a different position doesn't work
Product: UCS Reporter: Stefan Gohmann <gohmann>
Component: S4 ConnectorAssignee: Stefan Gohmann <gohmann>
Status: CLOSED FIXED QA Contact: Arvid Requate <requate>
Severity: normal    
Priority: P5    
Version: UCS 4.0   
Target Milestone: UCS 4.0-4-errata   
Hardware: Other   
OS: Linux   
See Also: https://forge.univention.org/bugzilla/show_bug.cgi?id=41756
What kind of report is it?: --- What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:
Bug Depends on: 40233    
Bug Blocks:    

Description Stefan Gohmann univentionstaff 2015-12-12 14:45:16 CET 
Needs to be backported to UCS 4.0.

+++ This bug was initially created as a clone of Bug #40233 +++

In a UCS@school environment, a student has been removed at school A and added at school B. The new student is removed by the connector:

From the logfile:
sync from ucs: [          user] [    delete] cn=studentX,cn=schueler,cn=users,ou=schoolA,DC=test,DC=local
sync from ucs: [          user] [       add] cn=studentX,cn=schueler,cn=users,ou=schoolB,DC=test,DC=local
sync to ucs:   [          user] [    modify] uid=studentX,cn=schueler,cn=users,ou=schoolB,dc=test,dc=local
sync to ucs:   [          user] [    delete] uid=studentX,cn=schueler,cn=users,ou=schoolB,dc=test,dc=local
sync from ucs: [          user] [    delete] CN=studentX,cn=schueler,cn=users,ou=schoolB,DC=test,DC=local
sync to ucs:   [          user] [    delete] uid=studentX,cn=schueler,cn=users,ou=schoolB,dc=test,dc=local
sync from ucs: [          user] [       add] cn=studentX,cn=schueler,cn=users,ou=schoolA,DC=test,DC=local

Since the student has been removed from the internal DN mapping, the user is search via the samaccountname:
__dn_from_deleted_object: get DN from lastKnownParent (CN=schueler,CN=users,OU=schoolA,DC=test,DC=local) and rdn (cn=studentX)
object_from_element: DN of removed object: cn=studentX,CN=schueler,CN=users,OU=schoolA,DC=test,DC=local
_ignore_object: Do not ignore cn=studentX,CN=schueler,CN=users,OU=schoolA,DC=test,DC=local
samaccount_dn_mapping: samaccountname is:studentX
samaccount_dn_mapping: olddn: uid=studentX,cn=schueler,cn=users,ou=schoolA,dc=test,dc=local
samaccount_dn_mapping: newdn: uid=studentX,cn=schueler,cn=users,ou=schoolB,dc=test,dc=local
_ignore_object: Do not ignore uid=studentX,cn=schueler,cn=users,ou=schoolB,dc=test,dc=local
get_ucs_object: object found: uid=studentX,cn=schueler,cn=users,ou=schoolB,dc=test,dc=local
sync to ucs:   [          user] [    delete] uid=studentX,cn=schueler,cn=users,ou=schoolB,dc=test,dc=local
Return  result for DN (uid=studentX,cn=schueler,cn=users,ou=schoolB,dc=test,dc=local)

I think we shouldn't remove the DN mapping while removing the user, see attached patch.

Ticket #2015111821000638
Comment 1 Stefan Gohmann univentionstaff 2015-12-12 20:26:03 CET 
Fix: r66294 → in case of a deletion, the premapped DN must be used

YAML: r66296

Test case: r66295 → 52_s4connector/125sync_recreate_user_at_different_position

Waiting for the test results, Jenkins job for 4.0-4errata has been started:
http://jenkins.knut.univention.de:8080/job/UCS-4.0/job/UCS-4.0-4/job/Autotest%20MultiEnv/4/
Comment 2 Stefan Gohmann univentionstaff 2015-12-14 21:43:44 CET 
See Bug #40233 for more details. Two more changes:

r66326:
* Don't use the premapped DN in case the sAMAccountName has been
  changed (Bug #40234)

r66328:
* YAML update Bug #40234
Comment 4 Arvid Requate univentionstaff 2015-12-21 16:02:51 CET 
Code review: Same as in UCS4.1-0
Update & Test: Ok
Advisory: Ok
Comment 5 Arvid Requate univentionstaff 2015-12-23 11:35:35 CET 
<http://errata.software-univention.de/ucs/4.0/377.html>