Bug 49018

Summary: UCS 4.3: editing LDAP root object not possible due to structural object class change
Product: UCS Reporter: Florian Best <best>
Component: UMC - LDAP directoryAssignee: Florian Best <best>
Status: CLOSED FIXED QA Contact: Ole Schwiegert <schwiegert>
Severity: normal    
Priority: P5 CC: best, hahn, jalbani, m.bunkus, michelsmidt, peichert, requate, salm, steuwer, voelker
Version: UCS 4.3   
Target Milestone: UCS 4.3-3-errata   
Hardware: Other   
OS: All   
What kind of report is it?: Bug Report What type of bug is this?: 5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?: 3: Will affect average number of installed domains How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.171 Enterprise Customer affected?: Yes
School Customer affected?: Yes ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: 2019030621000178 Bug group (optional): Regression
Max CVSS v3 score:
Bug Depends on: 45842, 47377    
Bug Blocks:    

Description Florian Best univentionstaff 2019-03-17 21:39:09 CET 
This change should be backported for an UCS 4.3-3 erratum.

+++ This bug was initially created as a clone of Bug #47377 +++

Trying to edit and save the LDAP root object (e.g. in order to assign policies to the whole LDAP tree) doesn't work due to the following error message:

> The LDAP object could not be saved: LDAP Error Cannot modify object class: structural object class modification from 'domain' to 'univentionDomain' not allowed

This happens both on systems that started out prior to 4.3 and were updated to 4.3 as well as on newly installed 4.3-1 systems.

How to reproduce:

1. Set up a new domain with 4.3-1
2. Login to the UMC
3. Go to "Domain" → "LDAP directory"
4. Edit the root
5. Change something & click "save"

Note that this functionality still works in my 4.2-4 test system. It's a regression in 4.3-x.
Comment 1 Florian Best univentionstaff 2019-03-17 21:44:05 CET 
The patch has been applied to UCS 4.3-3:

univention-directory-manager-modules (13.0.25-28)
399eb79e9804 | Bug #49018: fix modifying ldap base

univention-directory-manager-modules.yaml
7fa699d7ba8a | YAML Bug #49018
Comment 2 Ole Schwiegert univentionstaff 2019-03-20 09:03:31 CET 
Advisory&Changelog: OK
Package installs: OK
Jenkins tests do not indicate a problem with the patch: OK
Fix works: OK
  - The ldap base can be modified again
  - No popup regarding DNS anymore
Comment 3 Arvid Requate univentionstaff 2019-03-20 12:38:30 CET 
Advisory validation failed: Line too long. Fixed for you.
Comment 4 Arvid Requate univentionstaff 2019-03-20 12:57:35 CET 
<http://errata.software-univention.de/ucs/4.3/458.html>