Univention Bugzilla – Bug 32638
Improve error handling for incomplete zone entries
Last modified: 2018-04-13 13:29:33 CEST
When adding a windows client with an incorrect reverse zone (zoneName=.in-addr.arpa,cn=dns,etc. - I suppose a not existing dn will do the same here) you'll get: "LDAP Error: No such object" Which is expected, I think (perhaps you better could print the not existing object but anyway...) The main problem is that this operation (which I supposed to do nothing because of an error) creates a dhcp object and an incomplete group membership in Windows Hosts. The dhcp object could be removed without any problem but at "Windows Hosts" only "memberUid" is set (not uniqueMember). So you are not able to remove the membership within UMC, you have to ldapmodify it. This was seen at ticket #2013091821002386 because the following retries to add the windows client showed: "LDAP Error: Type or value exists: modify/add: memberUid: value #0 already exists"
15.09.16 18:31:20.409 ADMIN ( INFO ) : groups/group: open(): member check duration: 0.01s 15.09.16 18:31:20.410 ADMIN (null)Modify dn='cn=Windows Hosts,cn=groups,dc=school,dc=local'; modlist=[('uniqueMember', '', [u'cn=win2\xf6,cn=computers,ou=AlteSchule,dc=school,dc=local']), ('memberUid', '', ['win2\xc3\xb6$'])]; oldattr={'sambaGroupType': ['2'], 'cn': ['Windows Hosts'], 'objectClass': ['top', 'posixGroup', 'univentionGroup', 'sambaGroupMapping', 'univentionObject'], 'memberUid': ['win1$', 'win150$', 'win151$', 'win152$', 'win2\xc3\xb6$'], 'univentionObjectType': ['groups/group'], 'sambaSID': ['S-1-5-21-3298037198-1335792756-2456277288-11011'], 'gidNumber': ['1005'], 'uniqueMember': ['cn=DC Backup Hosts,cn=groups,dc=school,dc=local', 'cn=win1,cn=computers,ou=AlteSchule,dc=school,dc=local', 'cn=win150,cn=computers,ou=AlteSchule,dc=school,dc=local', 'cn=win151,cn=computers,ou=AlteSchule,dc=school,dc=local', 'cn=win152,cn=computers,ou=AlteSchule,dc=school,dc=local']}; 15.09.16 18:31:20.420 ADMIN ( ERROR ) : Post-Create operation failed: Traceback (most recent call last): File "/usr/lib/pymodules/python2.7/univention/admin/handlers/__init__.py", line 722, in _create self._ldap_post_create() File "/usr/lib/pymodules/python2.7/univention/admin/handlers/computers/windows.py", line 481, in _ldap_post_create univention.admin.handlers.simpleComputer.update_groups( self ) File "/usr/lib/pymodules/python2.7/univention/admin/handlers/__init__.py", line 2414, in update_groups groupObject.modify(ignore_license=1) File "/usr/lib/pymodules/python2.7/univention/admin/handlers/__init__.py", line 307, in modify return self._modify(modify_childs,ignore_license=ignore_license) File "/usr/lib/pymodules/python2.7/univention/admin/handlers/__init__.py", line 767, in _modify self.lo.modify(self.dn, ml, ignore_license=ignore_license) File "/usr/lib/pymodules/python2.7/univention/admin/uldap.py", line 429, in modify raise univention.admin.uexceptions.ldapError(_err2str(msg), original_exception=msg) ldapError: Type or value exists: modify/add: memberUid: value #0 already exists
# univention-ldapsearch -LLLb 'cn=Windows Hosts,cn=groups,dc=school,dc=local' uniqueMember memberUid dn: cn=Windows Hosts,cn=groups,dc=school,dc=local uniqueMember: cn=DC Backup Hosts,cn=groups,dc=school,dc=local memberUid: win3$ # /usr/share/pyshared/univention/admincli/admin.py computers/windows create --set name=win3 --position "CN=computers,$(ucr get ldap/base)" Object created: cn=win3,CN=computers,dc=school,dc=local # univention-ldapsearch -LLLb 'cn=Windows Hosts,cn=groups,dc=school,dc=local' uniqueMember memberUid dn: cn=Windows Hosts,cn=groups,dc=school,dc=local uniqueMember: cn=DC Backup Hosts,cn=groups,dc=school,dc=local uniqueMember: cn=win3,cn=computers,dc=school,dc=local memberUid: win3$ *** This bug has been marked as a duplicate of bug 43247 ***