Univention Bugzilla – Bug 35391
Failed first sync may result in attribute deletion
Last modified: 2020-08-12 08:48:40 CEST
The creation of an S4 object is split into multiple LDAP operations. If the first creation was successful and the later modification failed, then the object is not complete in S4. The later back synchronization from S4 to LDAP will perhaps overwrite/delete attributes. One possible solution would be to mark an object as successful created after the successful first sync.
A first version has been added. Let's wait for the ucs-test result. UCS 3.2-3: r53303 UCS 4.0-0: r53306 YAML: r53307
Two test cases have been added: tests/52_s4connector/134sync_incomplete_attribute_ad tests/52_s4connector/134sync_incomplete_attribute_ucs
Cleanup the locking table: UCS 3.2-3: r53329 UCS 4.0-0: r53330 YAML: r53331
I couldn't reproduce this issue -> udm users/user create \ --set username=fb4 \ --set password=univention \ --set lastname=aaa \ --set description=aaa \ --set phone="21132423423424242342244234327748238743283264873264876328746328764873264873268746328746238764873264873268743268746328" \ --set pagerTelephoneNumber=123 sync from ucs: [ user] [ add] cn=fb4,dc=w2k8r2en,dc=test sync_from_ucs: traceback during modify object: cn=fb4,dc=w2k8r2en,dc=test sync from ucs: [ user] [ modify] CN=fb4,dc=w2k8r2en,dc=test sync to ucs: [ user] [ modify] uid=fb4,dc=w2k8r2en,dc=test -> univention-ldapsearch -LLL uid=fb4 description pager dn: uid=fb4,dc=w2k8r2en,dc=test description: aaa pager: 123 OK - ucs3.2-3 OK - 4.0 OK - Tests OK - YAML
http://errata.univention.de/ucs/3.2/199.html
For the reference/bugzilla search: The test case 52_s4connector/134sync_incomplete_attribute_ucs creates an exception in the S4-Connector on purpose: Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/univention/s4connector/__init__.py", line 891, in __sync_file_from_ucs if ((old_dn and not self.sync_from_ucs(key, mapped_object, pre_mapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, mapped_object, pre_mapped_ucs_dn, old_dn, old, new))): File "/usr/lib/python2.7/dist-packages/univention/s4connector/s4/__init__.py", line 2441, in sync_from_ucs self.lo_s4.lo.modify_ext_s(compatible_modstring(object['dn']), compatible_modlist(modlist), serverctrls=ctrls) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 374, in modify_ext_s resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3 resp_ctrl_classes=resp_ctrl_classes File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call result = func(*args,**kwargs) INVALID_SYNTAX: {'info': "0000200B: objectclass_attrs: attribute 'telephoneNumber' on entry 'cn=dscezsgk,cn=users,DC=autotest091c,DC=local' contains at least one invalid value!", 'desc': 'Invalid syntax'}