First Last Prev Next    This bug is not in your last search results.
Bug 43229 - confusing warning message in connector.log
confusing warning message in connector.log
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: AD Connector
UCS 4.1
Other Linux
: P5 normal (vote)
: UCS 4.1-4-errata
Assigned To: Felix Botner
Stefan Gohmann
:
Depends on: 42618
Blocks:
  Show dependency treegraph
 
Reported: 2016-12-20 13:42 CET by Christina Scheinig
Modified: 2017-02-01 12:07 CET (History)
3 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 1: Cosmetic issue or missing function but workaround exists
Who will be affected by this bug?: 3: Will affect average number of installed domains
How will those affected feel about the bug?: 1: Nuisance – not a big deal but noticeable
User Pain: 0.017
Enterprise Customer affected?: Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number: 2016111621000201
Bug group (optional): Error handling
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Christina Scheinig univentionstaff 2016-12-20 13:42:30 CET 
Our customer got strange warning messages in his connector.log which are confusing and questions the function.

------------------------------------------------------------------------------------------------------------------
connector.log:
[...]
19.12.2016 09:52:24,19 MAIN        (------ ): DEBUG_INIT
19.12.2016 09:52:24,60 LDAP        (ERROR  ): Failed to lookup AD LDAP base, using UCR value.
19.12.2016 09:52:25,424 LDAP        (PROCESS): Using UNIV as AD Netbios domain name
19.12.2016 09:53:01,622 LDAP        (PROCESS): sync to ucs:   [windowscomputer] [    modify] cn=fnb68112,ou=notebooks,ou=mein,o=sunshinead,c=ad
19.12.2016 09:53:01,647 LDAP        (WARNING): __set_values: no ucs_attribute found in <univention.connector.attribute instance at 0x2d66a28>
19.12.2016 09:53:43,969 MAIN        (------ ): DEBUG_INIT
19.12.2016 09:53:44,15 LDAP        (ERROR  ): Failed to lookup AD LDAP base, using UCR value.
19.12.2016 09:53:45,336 LDAP        (PROCESS): Using UNIV as AD Netbios domain name
19.12.2016 09:54:27,941 LDAP        (PROCESS): sync to ucs:   [windowscomputer] [    modify] cn=fpc60023,ou=computers,ou=dein,o=sunshinead,c=ad
19.12.2016 09:54:27,964 LDAP        (WARNING): __set_values: no ucs_attribute found in <univention.connector.attribute instance at 0x2d66a28>
19.12.2016 09:54:33,975 MAIN        (------ ): DEBUG_INIT
19.12.2016 09:54:34,5 LDAP        (ERROR  ): Failed to lookup AD LDAP base, using UCR value.
19.12.2016 09:54:35,91 LDAP        (PROCESS): Using UNIV as AD Netbios domain name
19.12.2016 09:54:52,196 MAIN        (------ ): DEBUG_INIT
19.12.2016 09:54:52,220 LDAP        (ERROR  ): Failed to lookup AD LDAP base, using UCR value.
19.12.2016 09:54:53,33 LDAP        (PROCESS): Using UNIV as AD Netbios domain name
19.12.2016 09:55:26,673 MAIN        (------ ): DEBUG_INIT
19.12.2016 09:55:26,711 LDAP        (ERROR  ): Failed to lookup AD LDAP base, using UCR value.
19.12.2016 09:55:27,691 LDAP        (PROCESS): Using UNIV as AD Netbios domain name
19.12.2016 09:56:31,791 MAIN        (------ ): DEBUG_INIT
19.12.2016 09:56:31,812 LDAP        (ERROR  ): Failed to lookup AD LDAP base, using UCR value.
19.12.2016 09:56:32,840 LDAP        (PROCESS): Using UNIV as AD Netbios domain name
19.12.2016 09:56:49,395 LDAP        (PROCESS): sync to ucs:   [windowscomputer] [    modify] cn=num090,ou=notebooks,ou=mein,o=sunshinead,c=ad
19.12.2016 09:56:49,418 LDAP        (WARNING): __set_values: no ucs_attribute found in <univention.connector.attribute instance at 0x2d66a28>
19.12.2016 09:59:49,859 MAIN        (------ ): DEBUG_INIT
19.12.2016 09:59:49,888 LDAP        (ERROR  ): Failed to lookup AD LDAP base, using UCR value.
19.12.2016 09:59:51,33 LDAP        (PROCESS): Using UNIV as AD Netbios domain name
19.12.2016 10:00:32,121 LDAP        (PROCESS): sync to ucs:   [windowscomputer] [    modify] cn=ucsmis1,cn=memberserver,cn=computers,o=sunshinead,c=ad
19.12.2016 10:00:32,153 LDAP        (WARNING): __set_values: no ucs_attribute found in <univention.connector.attribute instance at 0x2d66a28>

------------------------------------------------------------------------------------------------------
For this message i already found this Bug 40816 with a workaround
(ERROR  ): Failed to lookup AD LDAP base, using UCR value.

But the message 
(WARNING): __set_values: no ucs_attribute found in <univention.connector.attribute instance at 0x2d66a28>
is not reported by now

I found in /etc/univention/connector/ad/mapping
in line 393 a function, which afaik controls the windowscomputer mapping and 
in line 422 where the attributes are defined I found 'samAccountName' without ucs_attribute defined.
-------------------------------------------------------------------------------------------------------
[...]
'samAccountName': univention.connector.attribute (
                                                        ldap_attribute='uid',
                                                        con_attribute='sAMAccountName',
                                                        compare_function=univention.connector.compare_lowercase,
                                                ),
[...]
-------------------------------------------------------------------------------------------------------
IMHO the missing definition of ucs_attribute causes the warning message.
We should at least define the attribute to get rid of the warning message?
Comment 1 Felix Botner univentionstaff 2017-01-25 15:03:03 CET 
ucs_attribute in samAccountName mapping does not work as we don't have a UDM attribute for the uid (this is handled in the cn mapping).

Actually, the samAccountName mapping is only needed for the "ad to ucs" sync (write mode), because 

Computer name change in AD modifies the cn, cn is mapped to udm:name and udm:name modifies cn and uid.

Computer name change in UCS modifies cn and uid, cn is mapped to cn, and uid to samAccountName (now in write mode)

Added sync_mode='write' to windowscomputer.samAccountName mapping attribute.

YAML: univention-ad-connector.yaml
merged to 4.2
Comment 2 Stefan Gohmann univentionstaff 2017-01-31 16:18:35 CET 
Jenkins tests: OK

Changelog: OK (r76241)

UCS 4.2 merge: OK

Code review: OK

Tests: OK, it works now.
Comment 3 Janek Walkenhorst univentionstaff 2017-02-01 12:07:21 CET 
<http://errata.software-univention.de/ucs/4.1/386.html>
First Last Prev Next    This bug is not in your last search results.