Bug 53455

Summary:	Add diagnostic check for LDAP schema (slapschema)
Product:	UCS	Reporter:	Arvid Requate <requate>
Component:	UMC - System diagnostic	Assignee:	Juan Pedro Torres <juan.torres-munoz>
Status:	CLOSED FIXED	QA Contact:	Arvid Requate <requate>
Severity:	normal
Priority:	P5	CC:	best, juan.torres-munoz
Version:	UCS 5.0
Target Milestone:	UCS 5.0-1-errata
Hardware:	Other
OS:	Linux
URL:	https://git.knut.univention.de/univention/ucs/-/merge_requests/307
See Also:	https://forge.univention.org/bugzilla/show_bug.cgi?id=45571 https://forge.univention.org/bugzilla/show_bug.cgi?id=23055 https://forge.univention.org/bugzilla/show_bug.cgi?id=54453
What kind of report is it?:	Development Internal	What type of bug is this?:	---
Who will be affected by this bug?:	---	How will those affected feel about the bug?:	---
User Pain:		Enterprise Customer affected?:
School Customer affected?:		ISV affected?:
Waiting Support:		Flags outvoted (downgraded) after PO Review:
Ticket number:		Bug group (optional):	bitesize
Max CVSS v3 score:
Bug Depends on:
Bug Blocks:	54681

Description Arvid Requate

2021-06-16 11:21:19 CEST

Recently we had a support case in a project where a trivial udm modify aborted with

LDAP Error: Undefined attribute type: entry update failed

In that case slapschema reported an attribute (characteristic: uppercase) found in the OpenLDAP backend data that was not defined in the LDAP schema. Specifically it was an operational attribute from slapo-lastbind that had been active temporarily for some experiment in that environment.

IIRC the slapschema output was something like this:

54f0829b UNKNOWN attributeDescription “AUTHTIMESTAMP” inserted.


With sufficient slapd debug level the string "UNKNOWN" stuck out in the syslog.

Comment 1 Juan Pedro Torres

2022-03-15 11:46:13 CET

New plugin developed to diagnose if there is missing LDAP schemas refereed by an existing object. Added test file or the plugin.


univention-management-console-module-diagnostic.yaml
fd15f3f115d3 | Bug #53455: update YAML for univention management console module diagnostic
73b09084ea1c | Bug #53455: updated changelog and advisory

univention-management-console-module-diagnostic (6.0.0-26)
73b09084ea1c | Bug #53455: updated changelog and advisory

univention-management-console-module-diagnostic (6.0.0-25)
21cc6090c343 | Bug #53455: Diagnostic tool for missing schemas

ucs-test (10.0.6-101)
95b4c0ec4f50 | Bug #53455: Added test case for the diagnostic tool

Comment 2 Arvid Requate

2022-03-30 14:06:59 CEST

Verified:
* Code review
* Package update
* Functional test
* ucs-test Testcase
* Advisory

Comment 3 Erik Damrose

2022-04-06 17:31:01 CEST

<https://errata.software-univention.de/#/?erratum=5.0x285>