#7350 ObjectclassViolation seen while adding idview with domain-resolution-order option.
Closed: fixed 6 years ago Opened 6 years ago by frenaud.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1529444

Description of problem: ObjectclassViolation seen while adding idview with
domain-resolution-order option.


Version-Release number of selected component (if applicable):
ipa-server-4.5.4-7.el7.x86_64
389-ds-base-1.3.7.5-11.el7.x86_64

How reproducible:Always


Steps to Reproduce:
1. Install IPA server and establish with Windows AD
2. Run the domain resolution order command

#ipa config-mod --domain-resolution-order='testrelm.test:pne.qe'
Domain resolution order: testrelm.test:pne.qe

3. Add a view with the domain resolution order
#ipa idview-add special_host_view --desc 'ID view'
--domain-resolution-order='testrelm.test:pne.qe'

Actual results:
[root@master ~]# ipa config-mod
--domain-resolution-order='testrelm.test:pne.qe' Domain resolution order:
testrelm.test:pne.qe
[root@master ~]# ipa idview-add special_host_view --desc 'ID view'
--domain-resolution-order='testrelm.test:pne.qe'
ipa: ERROR: attribute "ipaDomainResolutionOrder" not allowed

[Wed Dec 27 08:38:06.749234 2017] [:error] [pid 30252] ipa: DEBUG: WSGI
wsgi_dispatch.__call__:
[Wed Dec 27 08:38:06.749382 2017] [:error] [pid 30252] ipa: DEBUG: WSGI
jsonserver_session.__call__:
[Wed Dec 27 08:38:06.794961 2017] [:error] [pid 30252] ipa: DEBUG: Created
connection context.ldap2_140579793685584
[Wed Dec 27 08:38:06.795154 2017] [:error] [pid 30252] ipa: DEBUG: WSGI
jsonserver.__call__:
[Wed Dec 27 08:38:06.795242 2017] [:error] [pid 30252] ipa: DEBUG: WSGI
WSGIExecutioner.__call__:
[Wed Dec 27 08:38:06.810186 2017] [:error] [pid 30252] ipa: DEBUG: raw:
idview_add(u'special_host_view', description=u'ID view',
ipadomainresolutionorder=u'testrelm.test:pne.qe', version=u'2.228')
[Wed Dec 27 08:38:06.810545 2017] [:error] [pid 30252] ipa: DEBUG:
idview_add(u'special_host_view', description=u'ID view',
ipadomainresolutionorder=u'testrelm.test:pne.qe', all=False, raw=False,
version=u'2.228')
[Wed Dec 27 08:38:06.811450 2017] [:error] [pid 30252] ipa: DEBUG: retrieving
schema for SchemaCache url=ldapi://%2fvar%2frun%2fslapd-TESTRELM-TEST.socket
conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x7fdb480fa0e0>
[Wed Dec 27 08:38:07.282325 2017] [:error] [pid 30252] ipa: DEBUG: raw:
trust_find(None, sizelimit=0, version=u'2.228')
[Wed Dec 27 08:38:07.282723 2017] [:error] [pid 30252] ipa: DEBUG:
trust_find(None, sizelimit=0, all=False, raw=False, version=u'2.228',
pkey_only=False)
[Wed Dec 27 08:38:07.304696 2017] [:error] [pid 30252] ipa: DEBUG: raw:
trustdomain_find(u'ipaad2016.test', None, sizelimit=0, version=u'2.228')
[Wed Dec 27 08:38:07.305166 2017] [:error] [pid 30252] ipa: DEBUG:
trustdomain_find(u'ipaad2016.test', None, sizelimit=0, all=False, raw=False,
version=u'2.228', pkey_only=False)
[Wed Dec 27 08:38:07.317303 2017] [:error] [pid 30252] ipa: DEBUG: raw:
trustdomain_find(u'pne.qe', None, sizelimit=0, version=u'2.228')
[Wed Dec 27 08:38:07.317703 2017] [:error] [pid 30252] ipa: DEBUG:
trustdomain_find(u'pne.qe', None, sizelimit=0, all=False, raw=False,
version=u'2.228', pkey_only=False)
[Wed Dec 27 08:38:07.347503 2017] [:error] [pid 30252] ipa: DEBUG: WSGI
wsgi_execute PublicError: Traceback (most recent call last):
[Wed Dec 27 08:38:07.347543 2017] [:error] [pid 30252]   File
"/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py", line 367, in
wsgi_execute
[Wed Dec 27 08:38:07.347549 2017] [:error] [pid 30252]     result =
command(*args, **options)
[Wed Dec 27 08:38:07.347555 2017] [:error] [pid 30252]   File
"/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 447, in __call__
[Wed Dec 27 08:38:07.347559 2017] [:error] [pid 30252]     return
self.__do_call(*args, **options)
[Wed Dec 27 08:38:07.347564 2017] [:error] [pid 30252]   File
"/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 475, in __do_call
[Wed Dec 27 08:38:07.347569 2017] [:error] [pid 30252]     ret =
self.run(*args, **options)
[Wed Dec 27 08:38:07.347573 2017] [:error] [pid 30252]   File
"/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 797, in run
[Wed Dec 27 08:38:07.347578 2017] [:error] [pid 30252]     return
self.execute(*args, **options)
[Wed Dec 27 08:38:07.347582 2017] [:error] [pid 30252]   File
"/usr/lib/python2.7/site-packages/ipaserver/plugins/baseldap.py", line 1190, in
execute
[Wed Dec 27 08:38:07.347587 2017] [:error] [pid 30252]
self._exc_wrapper(keys, options, ldap.add_entry)(entry_attrs)
[Wed Dec 27 08:38:07.347607 2017] [:error] [pid 30252]   File
"/usr/lib/python2.7/site-packages/ipaserver/plugins/baseldap.py", line 1100, in
wrapped
[Wed Dec 27 08:38:07.347613 2017] [:error] [pid 30252]     return
func(*call_args, **call_kwargs)
[Wed Dec 27 08:38:07.347618 2017] [:error] [pid 30252]   File
"/usr/lib/python2.7/site-packages/ipaserver/plugins/baseldap.py", line 1109, in
exc_func
[Wed Dec 27 08:38:07.347622 2017] [:error] [pid 30252]     self, keys, options,
e, call_func, *args, **kwargs)
[Wed Dec 27 08:38:07.347627 2017] [:error] [pid 30252]   File
"/usr/lib/python2.7/site-packages/ipaserver/plugins/baseldap.py", line 1253, in
exc_callback
[Wed Dec 27 08:38:07.347632 2017] [:error] [pid 30252]     raise exc
[Wed Dec 27 08:38:07.347636 2017] [:error] [pid 30252] ObjectclassViolation:
attribute "ipaDomainResolutionOrder" not allowed
[Wed Dec 27 08:38:07.347640 2017] [:error] [pid 30252]
[Wed Dec 27 08:38:07.347894 2017] [:error] [pid 30252] ipa: INFO:
[jsonserver_session] admin@TESTRELM.TEST: idview_add/1(u'special_host_view',
description=u'ID view', ipadomainresolutionorder=u'testrelm.test:pne.qe',
version=u'2.228'): ObjectclassViolation
[Wed Dec 27 08:38:07.349809 2017] [:error] [pid 30252] ipa: DEBUG: Destroyed
connection context.ldap2_140579793685584

Expected results:
Objectclass violation error should be fixed and view should be created as in
the  example mentioned in the below url.

Additional info:
Tried testcase specified in https://www.freeipa.org/page/V4/AD_User_Short_Names

Metadata Update from @frenaud:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1529444

6 years ago

Metadata Update from @frenaud:
- Issue assigned to frenaud

6 years ago

Metadata Update from @frenaud:
- Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/1437

6 years ago

master:

  • 830866d Idviews: fix objectclass violation on idview-add

https://github.com/freeipa/freeipa/pull/1437 does not apply cleanly to 4.6 and 4.5. Please create a manual backport.

Metadata Update from @frenaud:
- Issue set to the milestone: FreeIPA 4.5.5

6 years ago

ipa-4-5:

  • 53047d6 Idviews: fix objectclass violation on idview-add

ipa-4-6:

  • 6c89b26 Idviews: fix objectclass violation on idview-add

Metadata Update from @cheimes:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

6 years ago

Login to comment on this ticket.

Metadata