Univention Bugzilla – Full Text Bug Listing |
Summary: | 91univention-saml.inst may fail due to extended attributes | ||
---|---|---|---|
Product: | UCS | Reporter: | Florian Best <best> |
Component: | SAML | Assignee: | Florian Best <best> |
Status: | CLOSED FIXED | QA Contact: | Stefan Gohmann <gohmann> |
Severity: | normal | ||
Priority: | P5 | CC: | gohmann, walkenhorst |
Version: | UCS 4.1 | ||
Target Milestone: | UCS 4.1-1-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
See Also: | https://forge.univention.org/bugzilla/show_bug.cgi?id=40824 | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | External feedback | |
Max CVSS v3 score: |
Description
Florian Best
2016-02-19 16:34:27 CET
Replaced with python :) (which ignores extended-attributes if not manually set up). I hope this will never have side effects due to import errors aka Bug #33359 :D univention-saml (3.0.27-2): r67686 | Bug #40741: Update Copyright r67685 | Bug #40741: don't fail to create SAML user due to extended attributes univention-saml.yaml: r67687 | YAML Bug #40741 *** Bug 40786 has been marked as a duplicate of this bug. *** (In reply to Florian Best from comment #2) > *** Bug 40786 has been marked as a duplicate of this bug. *** Fixed the syntax error by indenting with space instead of tabs. Now you use the admin user and no longer the join credentials. Can you give an example with the extended attributes? Do we have an App which requires extended attributes for users? (In reply to Stefan Gohmann from comment #4) > Now you use the admin user and no longer the join credentials. yes. is that really bad? > Can you give an example with the extended attributes? eval "$(ucr shell)"; udm settings/extended_attribute create --set name=test --set module=users/user --set ldapMapping=univentionFreeAttributes1 --set objectClass=univentionFreeAttributes --set shortDescription=test --set valueRequired=1 --set mayChange=1 --set CLIName=test --set deleteObjectClass=1 --position "cn=custom attributes,cn=univention,$ldap_base" > Do we have an App which requires extended attributes for users? I am not aware of one. Ticket#2016021821000742 As it is only executed on the DC master it is okay to use cn=admin. The creation of such extended attributes is prevent by Bug #40824. ucs-test (6.0.33-33): r67854 | Bug #40741: test SAML user exists Tests: OK ucs-test: OK Code review: OK YAML: OK (small adjustments: r67970) |