Univention Bugzilla – Full Text Bug Listing |
Summary: | extend ad connector mapping for syncing mailAlternativeAddress attributes | ||
---|---|---|---|
Product: | UCS | Reporter: | Tobias Birkefeld <birkefeld> |
Component: | AD Connector | Assignee: | Arvid Requate <requate> |
Status: | CLOSED FIXED | QA Contact: | Stefan Gohmann <gohmann> |
Severity: | normal | ||
Priority: | P5 | CC: | gohmann, grandjean, walkenhorst |
Version: | UCS 4.1 | ||
Target Milestone: | UCS 4.1-1-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
See Also: |
https://forge.univention.org/bugzilla/show_bug.cgi?id=19619 https://forge.univention.org/bugzilla/show_bug.cgi?id=43216 |
||
What kind of report is it?: | Feature Request | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | 2015120821000628 | Bug group (optional): | |
Max CVSS v3 score: | |||
Bug Depends on: | |||
Bug Blocks: | 41400, 41246 | ||
Attachments: |
connector-old.log
connector-new.log |
Description
Tobias Birkefeld
2016-01-04 16:30:30 CET
requested by customer Ticket#2015120821000628 The package with the updated mapping has been built in errata4.1-1. There is a new pair of UCR variables to activate this for users and group individually: connector/ad/mapping/user/alternativemail and connector/ad/mapping/group/alternativemail. Ad the corresponding pair for primarymail, these two new variables are set by univention-ad-connector-exchange.postinst. I checked that UMC/UDM also accepts smtp:foo@my.domain. I guess there is not much more we should currently do. Advisory: univention-ad-connector.yaml As discussed, it won't be an option to set smtp: in UDM / UMC. I guess this will break the address book and the listener. Ok, then we will have to consider the semantics of the attribute values. Quoting http://blogs.technet.com/b/exchange/archive/2005/01/10/350132.aspx : =============================================================================== proxyAddresses This is the main attribute where e-mail address information is kept. When you open the properties of a recipient in Outlook and look at the "E-mail Addresses" tab, you are looking at this attribute. This is a multi-valued string containing all the addresses that represent the recipient. Each value must have the following format: type:address For example: SMTP:nospam@online.microsoft.com When the type is in uppercase letters, the address is considered to be the primary address of that type and it is used as the default reply address of that recipient. When the type is in lowercase letters, the address is considered a secondary address and is used to resolve addresses during e-mail delivery, allowing the same recipient to receive e-mails directed to different e-mail addresses. For example: Primary: SMTP:currentAlias@domain.com Secondary: smtp:oldAlias@domain.com On the 'Users and Computers' snap-in, this property is edited on the 'E-mail Addresses' page of a recipient. =============================================================================== So, coming from OpenLDAP we would probably create/write the type-prefix in lower case if it doesn't exist yet but we would respect/keep the case in case an address is already present. Adjusted: * proxyAddresses values are now mapped to mailAlternativeAddress values and vice versa * Non-SMTP values in proxyAddresses are preserved and synchonized Testcase: 55_adconnector/130sync_user_mail_attributes Advisory: univention-ad-connector.yaml Attached, you can find two connector logs of the initial sync between UCS and AD. connector-old.log is without these changes and connector-new.log is with these changes. It looks like several containers are renamed with have a different case in AD and in UCS for example cn=users. I guess the reason is, that you moved if type(value) == type(types.ListType()) and len(value) == 1: value = value[0] below the following line: compare=[ucs_object[ucs_key],value] This will lead to a wrong comparison and the container gets renamed. Created attachment 7514 [details]
connector-old.log
Created attachment 7515 [details]
connector-new.log
The autotest were successful. In one case the system wasn't updated to UCS 4.1-1 and thus one test failed: http://jenkins.knut.univention.de:8080/job/UCS-4.1/job/UCS-4.1-1/job/ADConnectorMultiEnv/9/ Jenkins tests: OK YAML: OK Tests: OK, it works. The following UCR variables needs to be set: ucr set connector/ad/mapping/group/primarymail=true \ connector/ad/mapping/user/primarymail=true \ connector/ad/mapping/user/alternativemail=true \ connector/ad/mapping/group/alternativemail=true Lesson's learned while setting up Exchange: - Use the latest Windows version, in this case 2012 - > 30 GB free space - > 4 GB RAM - Use Microsoft sites only with browsers from the Linux Desktop - Install every Exchange role, at least the client access role - be patient ... |