Univention Bugzilla – Full Text Bug Listing |
Summary: | 4.3: Could not get groups for u'Administrator': ldapError: Insufficient access | ||
---|---|---|---|
Product: | UCS | Reporter: | Florian Best <best> |
Component: | Portal | Assignee: | Florian Best <best> |
Status: | CLOSED FIXED | QA Contact: | Dirk Wiesenthal <wiesenthal> |
Severity: | normal | ||
Priority: | P5 | CC: | scheinig, wiesenthal |
Version: | UCS 4.3 | Flags: | best:
Patch_Available+
|
Target Milestone: | UCS 4.3-3-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
See Also: | https://forge.univention.org/bugzilla/show_bug.cgi?id=49011 | ||
What kind of report is it?: | Bug Report | What type of bug is this?: | 3: Simply Wrong: The implementation doesn't match the docu |
Who will be affected by this bug?: | 3: Will affect average number of installed domains | How will those affected feel about the bug?: | 5: Blocking further progress on the daily work |
User Pain: | 0.257 | Enterprise Customer affected?: | |
School Customer affected?: | Yes | ISV affected?: | |
Waiting Support: | Yes | Flags outvoted (downgraded) after PO Review: | |
Ticket number: | 2019030521000572, 2019031321000959, 2019032021000258 | Bug group (optional): | Error handling, External feedback, Workaround is available |
Max CVSS v3 score: | |||
Bug Depends on: | 48943 | ||
Bug Blocks: |
Description
Florian Best
2019-03-14 12:34:22 CET
See also Bug #49011 for an adjustment of server-password-change, that it does a UMC-reload (which would be capable then to re-establish the LDAP connection with the new credentials). But I think this is not necessary if we change from univention.admin.uldap to univention.management.console.ldap. Two of the customer already asked for the fix. I created a untested patch in fbest/48990-fix-reloading-machine-connection: https://github.com/univention/univention-corporate-server/commit/7047dd45f697e21702cc90d09a33043243af9bb8 Ok, the patch works. It uses the univention.managment.console.ldap with write=False to connect to the local ldap server. I applied the patch with one additional change: The LDAP credential cache is now also reset on a "service univention-management-console-web-server reload". univention-management-console (10.0.6-21) 1aa4a2b45f5b | Bug #48990: Merge branch 'fbest/48990-fix-reloading-machine-connection' into 4.3-3 univention-management-console.yaml 1aa4a2b45f5b | Bug #48990: Merge branch 'fbest/48990-fix-reloading-machine-connection' into 4.3-3 OK, works as expected. |