Bug 40813 – sync ucs to ad should skip creation of objects missing in UDM

Bug 40813 - sync ucs to ad should skip creation of objects missing in UDM


Summary:	sync ucs to ad should skip creation of objects missing in UDM

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	AD Connector
Version:	UCS 4.1
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 4.2-2-errata
Assigned To:	Arvid Requate
QA Contact:	Felix Botner

URL:
Keywords:

Depends on:	32263
Blocks:	18501 42524
	Show dependency tree / graph

Reported:	2016-03-01 19:59 CET by Stefan Gohmann
Modified:	2017-11-01 13:49 CET (History)
CC List:	4 users (show)

See Also:
What kind of report is it?:	Bug Report
What type of bug is this?:	5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?:	2: Will only affect a few installed domains
How will those affected feel about the bug?:	3: A User would likely not purchase the product
User Pain:	0.171
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):	Further conceptual development
Max CVSS v3 score:

Flags:	oyen: Patch_Available+

Attachments
Patches to the AD-Connector and a test-case (20.00 KB, application/x-tar) 2017-01-31 15:06 CET, Lukas Oyen	Details
Patches to the AD-Connector and a test-case (20.00 KB, application/x-tar) 2017-02-01 14:28 CET, Lukas Oyen	Details
Patches to the AD-Connector and a test-case (updated) (20.00 KB, application/x-tar) 2017-02-01 16:55 CET, Lukas Oyen	Details
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stefan Gohmann

2016-03-01 19:59:04 CET

The S4 connector changes should be synced to the AD connector.

+++ This bug was initially created as a clone of Bug #32263 +++

In a backup2master scenario the attached behaviour of the univention-s4-connector was observed, where an object is created by the S4 Connector which was deleted before both in UDM and Samba4. The S4 Connector should maybe better not attempt to create such an object? In this case it resulted in a reject (for some reason) and later led to the resurrection of the deleted object (in OpenLDAP, not in Samba4, which is not optimal either).

Comment 1 Stefan Gohmann

2016-03-01 20:00:57 CET

Please remove the skip_admember tag in 66_udm-computers/20_computer_password when this issue has been fixed.

Comment 2 Lukas Oyen

2017-01-31 15:06:28 CET

Created attachment 8388 [details]
Patches to the AD-Connector and a test-case

The attached patches ports the storing of deleted object `entryUUID`s in the `UCS deleted` table from the s4-connector and copies the test case 022_concurrent_deletion_in_ucs from the s4-connector tests.

Unfortunately this test does not fail prior to the ported patch. But it does fail after applying it either.

All ad-connector tests are passing on a UCS master 4.1-4 with bidirectional sync against a Windows Server 2012 set to german.

Comment 3 Lukas Oyen

2017-02-01 14:28:39 CET

Created attachment 8391 [details]
Patches to the AD-Connector and a test-case

Updated version of the patches with variable renamed from '*s4*' to '*ad*'.

Comment 4 Lukas Oyen

2017-02-01 16:55:53 CET

Created attachment 8395 [details]
Patches to the AD-Connector and a test-case (updated)

Updated patches with fixed indentation.

Comment 5 Lukas Oyen

2017-07-06 11:35:26 CEST

Committed in r80899 (advisory r80906)

Tests added/enabled in r80901/r80902.

Comment 6 Felix Botner

2017-10-26 13:09:36 CEST

OK - code review
OK - test
OK - YAML

TODO wait for jenkins tests

Comment 7 Felix Botner

2017-11-01 12:10:04 CET

OK

Comment 8 Arvid Requate

2017-11-01 13:49:20 CET

<http://errata.software-univention.de/ucs/4.2/205.html>