Univention Bugzilla – Full Text Bug Listing |
Summary: | S4-Connector sync to ucs: unable to sync CN=PSPs and CN=Managed Service Accounts - objects are currently locked | ||
---|---|---|---|
Product: | UCS@school | Reporter: | Nico Stöckigt <stoeckigt> |
Component: | Samba 4 - Slave PDC | Assignee: | Samba maintainers <samba-maintainers> |
Status: | NEW --- | QA Contact: | |
Severity: | normal | ||
Priority: | P5 | CC: | best, markus.daehlmann, requate, scheinig, schwardt, troeder |
Version: | UCS@school 4.4 | ||
Target Milestone: | --- | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | Bug Report | What type of bug is this?: | 3: Simply Wrong: The implementation doesn't match the docu |
Who will be affected by this bug?: | 3: Will affect average number of installed domains | How will those affected feel about the bug?: | 1: Nuisance – not a big deal but noticeable |
User Pain: | 0.051 | Enterprise Customer affected?: | |
School Customer affected?: | Yes | ISV affected?: | |
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | 2019121621000347, 2020062421000591 | Bug group (optional): | |
Max CVSS v3 score: | |||
Bug Depends on: | 51679, 48084, 48752, 49034 | ||
Bug Blocks: |
Description
Nico Stöckigt
2019-12-16 11:15:50 CET
This only seems to affect school dc's which are initially installed with Samba 4.10; older ones doesn't show this issue. Even with the erratum for Bug #48752 installed? (In reply to Arvid Requate from comment #2) > Even with the erratum for Bug #48752 installed? Yes, the new behaviour introduced with that errata (creating the 2 containers in LDAP before provisioning Samba) now triggers these rejects on all school slaves that were provisioned with Samba 4.10 and thus, already had them in S4. Older servers just created them in S4 without error. I could just remove the rejects but they would reappear each time those containers are modified in LDAP. Even with errata for Bug 48752 it occurs "again?" 21.06.2020 06:25:25.557 LDAP (PROCESS): sync to ucs: Resync rejected dn: CN=PSPs,CN=System,DC=school,DC=intranet 21.06.2020 06:25:25.563 LDAP (PROCESS): sync to ucs: [ container] [ add] u'CN=PSPs,CN=System,dc=school,dc=intranet' 21.06.20 06:25:25.898 ADMIN ( ERROR ) : Creating u'cn=PSPs,CN=System,dc=school,dc=intranet' failed: Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", line 1282, in _create self.lo.add(self.dn, al, serverctrls=serverctrls, response=response) File "/usr/lib/python2.7/dist-packages/univention/admin/uldap.py", line 860, in add raise univention.admin.uexceptions.permissionDenied permissionDenied 21.06.2020 06:25:25.898 LDAP (ERROR ): Unknown Exception during sync_to_ucs 21.06.2020 06:25:25.900 LDAP (ERROR ): Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/univention/s4connector/__init__.py", line 1537, in sync_to_ucs result = self.add_in_ucs(property_type, object, module, position) File "/usr/lib/python2.7/dist-packages/univention/s4connector/__init__.py", line 1278, in add_in_ucs res = ucs_object.create(serverctrls=serverctrls, response=response) File "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", line 557, in create dn = self._create(response=response, serverctrls=serverctrls) File "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", line 1298, in _create six.reraise(exc[0], exc[1], exc[2]) File "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", line 1282, in _create self.lo.add(self.dn, al, serverctrls=serverctrls, response=response) File "/usr/lib/python2.7/dist-packages/univention/admin/uldap.py", line 860, in add raise univention.admin.uexceptions.permissionDenied permissionDenied ================================================================================================================= and ================================================================================================================= 21.06.2020 06:25:25.901 LDAP (PROCESS): sync to ucs: Resync rejected dn: CN=Managed Service Accounts,DC=school,DC=intranet 21.06.2020 06:25:25.906 LDAP (PROCESS): sync to ucs: [ container] [ add] u'CN=Managed Service Accounts,dc=school,dc=intranet' 21.06.20 06:25:26.213 ADMIN ( ERROR ) : Creating u'cn=Managed Service Accounts,dc=school,dc=intranet' failed: Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", line 1282, in _create self.lo.add(self.dn, al, serverctrls=serverctrls, response=response) File "/usr/lib/python2.7/dist-packages/univention/admin/uldap.py", line 860, in add raise univention.admin.uexceptions.permissionDenied permissionDenied 21.06.2020 06:25:26.213 LDAP (ERROR ): Unknown Exception during sync_to_ucs 21.06.2020 06:25:26.213 LDAP (ERROR ): Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/univention/s4connector/__init__.py", line 1537, in sync_to_ucs result = self.add_in_ucs(property_type, object, module, position) File "/usr/lib/python2.7/dist-packages/univention/s4connector/__init__.py", line 1278, in add_in_ucs res = ucs_object.create(serverctrls=serverctrls, response=response) File "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", line 557, in create dn = self._create(response=response, serverctrls=serverctrls) File "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", line 1298, in _create six.reraise(exc[0], exc[1], exc[2]) File "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", line 1282, in _create self.lo.add(self.dn, al, serverctrls=serverctrls, response=response) File "/usr/lib/python2.7/dist-packages/univention/admin/uldap.py", line 860, in add raise univention.admin.uexceptions.permissionDenied permissionDenied ======================================================================================================================= (In reply to Christina Scheinig from comment #4) > Even with errata for Bug 48752 it occurs "again?" > > 21.06.2020 06:25:25.557 LDAP (PROCESS): sync to ucs: Resync rejected > dn: CN=PSPs,CN=System,DC=school,DC=intranet > 21.06.2020 06:25:25.563 LDAP (PROCESS): sync to ucs: [ > container] [ add] u'CN=PSPs,CN=System,dc=school,dc=intranet' > 21.06.20 06:25:25.898 ADMIN ( ERROR ) : Creating > u'cn=PSPs,CN=System,dc=school,dc=intranet' failed: Traceback (most recent > call last): > File > "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", > line 1282, in _create > self.lo.add(self.dn, al, serverctrls=serverctrls, response=response) > File "/usr/lib/python2.7/dist-packages/univention/admin/uldap.py", line > 860, in add > raise univention.admin.uexceptions.permissionDenied > permissionDenied > > 21.06.2020 06:25:25.898 LDAP (ERROR ): Unknown Exception during > sync_to_ucs > 21.06.2020 06:25:25.900 LDAP (ERROR ): Traceback (most recent call > last): > File > "/usr/lib/python2.7/dist-packages/univention/s4connector/__init__.py", line > 1537, in sync_to_ucs > result = self.add_in_ucs(property_type, object, module, position) > File > "/usr/lib/python2.7/dist-packages/univention/s4connector/__init__.py", line > 1278, in add_in_ucs > res = ucs_object.create(serverctrls=serverctrls, response=response) > File > "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", > line 557, in create > dn = self._create(response=response, serverctrls=serverctrls) > File > "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", > line 1298, in _create > six.reraise(exc[0], exc[1], exc[2]) > File > "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", > line 1282, in _create > self.lo.add(self.dn, al, serverctrls=serverctrls, response=response) > File "/usr/lib/python2.7/dist-packages/univention/admin/uldap.py", line > 860, in add > raise univention.admin.uexceptions.permissionDenied > permissionDenied > ============================================================================= > ==================================== > and > ============================================================================= > ==================================== > 21.06.2020 06:25:25.901 LDAP (PROCESS): sync to ucs: Resync rejected > dn: CN=Managed Service Accounts,DC=school,DC=intranet > 21.06.2020 06:25:25.906 LDAP (PROCESS): sync to ucs: [ > container] [ add] u'CN=Managed Service Accounts,dc=school,dc=intranet' > 21.06.20 06:25:26.213 ADMIN ( ERROR ) : Creating u'cn=Managed > Service Accounts,dc=school,dc=intranet' failed: Traceback (most recent call > last): > File > "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", > line 1282, in _create > self.lo.add(self.dn, al, serverctrls=serverctrls, response=response) > File "/usr/lib/python2.7/dist-packages/univention/admin/uldap.py", line > 860, in add > raise univention.admin.uexceptions.permissionDenied > permissionDenied > > 21.06.2020 06:25:26.213 LDAP (ERROR ): Unknown Exception during > sync_to_ucs > 21.06.2020 06:25:26.213 LDAP (ERROR ): Traceback (most recent call > last): > File > "/usr/lib/python2.7/dist-packages/univention/s4connector/__init__.py", line > 1537, in sync_to_ucs > result = self.add_in_ucs(property_type, object, module, position) > File > "/usr/lib/python2.7/dist-packages/univention/s4connector/__init__.py", line > 1278, in add_in_ucs > res = ucs_object.create(serverctrls=serverctrls, response=response) > File > "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", > line 557, in create > dn = self._create(response=response, serverctrls=serverctrls) > File > "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", > line 1298, in _create > six.reraise(exc[0], exc[1], exc[2]) > File > "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", > line 1282, in _create > self.lo.add(self.dn, al, serverctrls=serverctrls, response=response) > File "/usr/lib/python2.7/dist-packages/univention/admin/uldap.py", line > 860, in add > raise univention.admin.uexceptions.permissionDenied > permissionDenied > > ============================================================================= > ========================================== So this is bollocks, it is not a locked object. But is is then a new Bug, or do we have already announced this issue? It is the same as Bug 48752? |