Univention Bugzilla – Bug 38075
kerberos/kdcentry created without univentionObjectType
Last modified: 2018-04-13 13:30:24 CEST
Same goes for some default kerberos/kdcentry objects. dn: krb5PrincipalName=krbtgt/FQ.DN@FQ.DN,cn=kerberos,$ldap_base dn: krb5PrincipalName=kadmin/changepw@FQ.DN,cn=kerberos,$ldap_base dn: krb5PrincipalName=kadmin/admin@FQ.DN,cn=kerberos,$ldap_base dn: krb5PrincipalName=changepw/kerberos@FQ.DN,cn=kerberos,$ldap_base dn: krb5PrincipalName=kadmin/hprop@FQ.DN,cn=kerberos,$ldap_base dn: krb5PrincipalName=WELLKNOWN/ANONYMOUS@FQ.DN,cn=kerberos,$ldap_base dn: krb5PrincipalName=WELLKNOWN/org.h5l.fast-cookie@WELLKNOWN:ORG.H5L,cn=kerberos,$ldap_base Don't know if we should adapt that. WONTFIX? +++ This bug was initially created as a clone of Bug #38073 +++ If a DHCP host or DNS alias is created by modifying/adding the entry at a computer object no univentionObjectType attribute is added. When using the regular DNS/DHCP module it is. The created DHCP objects e.g. only have the objectClass univentionDhcpHost which is also used by the identify() method but this maybe fail if in some rare cases UMC-UDM identifies objects by their univentionObjectType attribute which then does not exists. Attached patch fixes this for newly created objects.
lookup() and identify() methods are fine.
univentionObjectType is only for performance optimization. We have to modify the Kerberos server because theses objects are directly created via Heimdal.
Okay ;)