Univention Bugzilla – Bug 49228
resync-objects.py script has hard coded 389 ldap port
Last modified: 2019-05-02 13:22:19 CEST
resync-objects.py script has hard coded 389 ldap port The 4.4 radius implementation uses this script to resync the shared secret of existing authenticators to slaves. In case samba4 is installed on the slave the script fails. Use uldap.getRootDnConnection instead.
Traceback (most recent call last): File "/usr/share/univention-directory-listener/resync-objects.py", line 108, in <module> main() File "/usr/share/univention-directory-listener/resync-objects.py", line 69, in main local = uldap.access(binddn=binddn, bindpw=bindpw, start_tls=0, host="localhost", port=389) File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 244, in _init_ self.__open(ca_certfile) File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 310, in __open self.lo.simple_bind_s(self.binddn, self.__encode_pwd(self.bindpw)) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 949, in simple_bind_s res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 931, in _apply_method_s return func(self,*args,**kwargs) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 223, in simple_bind_s resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3 resp_ctrl_classes=resp_ctrl_classes File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call result = func(*args,**kwargs) ldap.STRONG_AUTH_REQUIRED: {'info': 'BindSimple: Transport encryption required.', 'desc': 'Strong(er) authentication required'}
Resync of objects that did not already exist locally was also broken and should now be fixed. [4.4-0 0f6e8816ca] Bug #49228: Fix resync-objects script [4.4-0 de9b5359dc] Bug #49228: yaml Package: univention-directory-listener Version: 13.0.2-3A~4.4.0.201904251701 Branch: ucs_4.4-0 Scope: errata4.4-0
The script now stops if server/role is not set to domaincontroller_backup or domaincontroller_slave. [4.4-0 4390e78584] Bug #49228: exit resync-objects.py early on master servers [4.4-0 de983c3cc4] Bug #49228: yaml Package: univention-directory-listener Version: 13.0.2-4A~4.4.0.201904261449 Branch: ucs_4.4-0 Scope: errata4.4-0
[4.4-0 b0aebe4de9] Bug #49228: only update object if attributes differ [4.4-0 25ec96f783] Bug #49228: yaml Package: univention-directory-listener Version: 13.0.2-5A~4.4.0.201904282204 Branch: ucs_4.4-0 Scope: errata4.4-0
OK - univention-directory-listener OK - univention-directory-listener.yaml
<http://errata.software-univention.de/ucs/4.4/69.html>