#2562 Issues with DS migrated Users
Closed: Fixed None Opened 12 years ago by dpal.

https://bugzilla.redhat.com/show_bug.cgi?id=804609 (Red Hat Enterprise Linux 6)

Description of problem:

After migration of users and groups from 389 directory server, get errors
viewing users and group members from the WebUI.  Not all attributes are
viewable.

Example User from directory server ::

dn: cn=Darcee Leeson,ou=People,dc=example,dc=com
carLicense: 2CGORU4
cn: Darcee Leeson
departmentNumber: 9466
description: This is Darcee Leeson's description
employeeType: Normal
facsimileTelephoneNumber: +1 408 553-4571
givenName: Darcee
homePhone: +1 206 217-8241
initials: D. L.
l: Sunnyvale
mail: Darcee_Leeson@example.com
manager: cn=Mollee Weisenberg,ou=People,dc=example,dc=com
mobile: +1 818 264-2444
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
ou: Product Testing
pager: +1 510 405-3251
postalAddress: example.com, Product Testing Dept #795, Room#250
roomNumber: 9844
secretary: cn=Ayaz Kreiger,ou=People,dc=example,dc=com
sn: Leeson
telephoneNumber: +1 804 913-8558
title: Supreme Product Testing Visionary
uid: Darcee_Leeson
uidNumber: 11731
gidNumber: 21731
homeDirectory: /home/Darcee_Leeson
userPassword:: e1NTSEF9VzMySTlBaFBkT0dMa201QU9DQThobW5LSC9RV296RWpCMFJ6TXc9PQ=
 =

Example of user in IPA from CLI after migration ::

# ipa user-find Darcee_Leeson
--------------
1 user matched
--------------
  User login: Darcee_Leeson
  First name: Darcee
  Last name: Leeson
  Home directory: /home/Darcee_Leeson
  Email address: Darcee_Leeson@example.com
  UID: 11731
  GID: 21731
  Telephone Number: +1 804 913-8558
  Job Title: Supreme Product Testing Visionary
  Account disabled: False
  Password: True
  Kerberos keys available: False


Example group from 389 directory server ::

dn: cn=Accounting,ou=Groups,dc=example,dc=com
objectClass: top
objectClass: inetuser
objectClass: groupofnames
objectClass: posixGroup
cn: Accounting
member: cn=Gabbie Sarubbi,ou=People,dc=example,dc=com
member: cn=Klara Eswara,ou=People,dc=example,dc=com
member: cn=Tomasina Kowalsky,ou=People,dc=example,dc=com
member: cn=Merilyn Upton,ou=People,dc=example,dc=com
member: cn=Cang Keighley,ou=People,dc=example,dc=com
member: cn=Idette Risler,ou=People,dc=example,dc=com
member: cn=Leanora Corless,ou=People,dc=example,dc=com
member: cn=Scarlet Witt,ou=People,dc=example,dc=com
member: cn=Laurene Kindem,ou=People,dc=example,dc=com
member: cn=Kin-Wai Wennerstrom,ou=People,dc=example,dc=com
member: cn=Saeed Dehghan,ou=People,dc=example,dc=com
member: cn=Dalenna Spann,ou=People,dc=example,dc=com
member: cn=Lonee Praeuner,ou=People,dc=example,dc=com
member: cn=Clemence Royle,ou=People,dc=example,dc=com
member: cn=Christan Propes,ou=People,dc=example,dc=com
member: cn=Blondelle Rabiasz,ou=People,dc=example,dc=com
member: cn=Loesje Sparkes,ou=People,dc=example,dc=com
member: cn=Gwynith Leigh,ou=People,dc=example,dc=com
member: cn=Ella Markell,ou=People,dc=example,dc=com
member: cn=Gretchen Lightowler,ou=People,dc=example,dc=com
member: cn=Briney Hollingsworth,ou=People,dc=example,dc=com
member: cn=Roxy Winlow,ou=People,dc=example,dc=com
member: cn=Maycel Kardos,ou=People,dc=example,dc=com
member: cn=Marybeth Fuson,ou=People,dc=example,dc=com
member: cn=Frederick Vinnell,ou=People,dc=example,dc=com
member: cn=Janusz Fussell,ou=People,dc=example,dc=com
member: cn=Lorenzo Wilczewski,ou=People,dc=example,dc=com
............

Example of group from IPA after migration ::

# ipa group-find accounting
----------------
2 groups matched
----------------
  Group name: Accounting
  GID: 30000
  Member users: Gabbie Sarubbi, Klara Eswara, Tomasina Kowalsky, Merilyn Upton,
Cang Keighley, Idette Risler, Leanora Corless, Scarlet Witt, Laurene
                Kindem, Kin-Wai Wennerstrom, Saeed Dehghan, Dalenna Spann,
Lonee Praeuner, Clemence Royle, Christan Propes, Blondelle Rabiasz, Loesje
                Sparkes, Gwynith Leigh, Ella Markell, Gretchen Lightowler,
Briney Hollingsworth, Roxy Winlow, Maycel Kardos, Marybeth Fuson, Frederick
                Vinnell, Janusz Fussell, Lorenzo Wilczewski, Avie Pouliot

  Group name: Accounting Managers
  Description: People who can manage accounting entries
----------------------------
Number of entries returned 2
----------------------------


PLEASE NOTE :: 2 entries noted ... one returned

Version-Release number of selected component (if applicable):
ipa-server-2.2.0-4.el6.x86_64

How reproducible:


Steps to Reproduce:
1. ipa migrate-ds ldap://389server.hostname
2. launch WebUI, view users and group members
3.

Actual results:


Expected results:


Additional info:

Please see attached screen shots

I believe the problem is we aren't updating dn entries within a user. You'll notice that manager and secretary point still refer to ou=People.

master:[[BR]]
b9c3eb7[[BR]]
98a99cb

ipa-2-2:[[BR]]
4e0e0fd[[BR]]
0b5c853

A patch fixing a creation of UPGs, when they are not needed:

master: b55c98f[[BR]]
ipa-2-2: b98342a

Metadata Update from @dpal:
- Issue assigned to rcritten
- Issue set to the milestone: FreeIPA 2.2 Core Effort - 2012/03

7 years ago

Login to comment on this ticket.

Metadata