Description Stefan Gohmann 2016-04-26 15:40:22 CEST

Needs to be backported to UCS 3.2-8.

+++ This bug was initially created as a clone of Bug #41028 +++

Ticket #2015110521000528

The following traceback occurs in a UCS@school environment. The connector is configured in write mode.

One group member was moved from one OU to another OU. The rename has already performed in the AD. In the detailed debug it is shown that the old DN should be set in AD and the new DN should be removed:

07.04.2016 12:24:11,233 LDAP        (INFO   ): group_members_sync_from_ucs: members to add: [u'cn=user1,cn=schueler,cn=users,ou=oldou,dc=doma,dc=lan']
07.04.2016 12:24:11,234 LDAP        (INFO   ): group_members_sync_from_ucs: members to del: [u'CN=user1,CN=schueler,CN=users,OU=newou,DC=doma,DC=lan']

After a AD connector restart the traceback is resolved automatically.

I guess the group mapping cache is not cleaned during the move.

The traceback:

07.04.2016 12:24:11,248 LDAP        (WARNING): sync failed, saved as rejected
07.04.2016 12:24:11,249 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.6/univention/connector/__init__.py", line 721, in __sync_file_from_ucs
    or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn))):
  File "/usr/lib/pymodules/python2.6/univention/connector/ad/__init__.py", line 2257, in sync_from_ucs
    f(self, property_type, object)
  File "/usr/lib/pymodules/python2.6/univention/connector/ad/__init__.py", line 76, in group_members_sync_from_ucs
    return connector.group_members_sync_from_ucs(key, object)
  File "/usr/lib/pymodules/python2.6/univention/connector/ad/__init__.py", line 1450, in group_members_sync_from_ucs
    self.lo_ad.lo.modify_s(compatible_modstring(object['dn']),[(ldap.MOD_REPLACE, 'member', modlist_members)])
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 322, in modify_s
    return self.result(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 422, in result
    res_type,res_data,res_msgid = self.result2(msgid,all,timeout)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 426, in result2
    res_type, res_data, res_msgid, srv_ctrls = self.result3(msgid,all,timeout)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 432, in result3
    ldap_result = self._ldap_call(self._l.result3,msgid,all,timeout)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 96, in _ldap_call
    result = func(*args,**kwargs)
NO_SUCH_OBJECT: {'info': "00000525: NameErr: DSID-031A125B, problem 2001 (NO_OBJECT), data 0, best match of:\n\t''\n", 'desc': 'No such object'}