Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1529444
Description of problem: ObjectclassViolation seen while adding idview with domain-resolution-order option. Version-Release number of selected component (if applicable): ipa-server-4.5.4-7.el7.x86_64 389-ds-base-1.3.7.5-11.el7.x86_64 How reproducible:Always Steps to Reproduce: 1. Install IPA server and establish with Windows AD 2. Run the domain resolution order command #ipa config-mod --domain-resolution-order='testrelm.test:pne.qe' Domain resolution order: testrelm.test:pne.qe 3. Add a view with the domain resolution order #ipa idview-add special_host_view --desc 'ID view' --domain-resolution-order='testrelm.test:pne.qe' Actual results: [root@master ~]# ipa config-mod --domain-resolution-order='testrelm.test:pne.qe' Domain resolution order: testrelm.test:pne.qe [root@master ~]# ipa idview-add special_host_view --desc 'ID view' --domain-resolution-order='testrelm.test:pne.qe' ipa: ERROR: attribute "ipaDomainResolutionOrder" not allowed [Wed Dec 27 08:38:06.749234 2017] [:error] [pid 30252] ipa: DEBUG: WSGI wsgi_dispatch.__call__: [Wed Dec 27 08:38:06.749382 2017] [:error] [pid 30252] ipa: DEBUG: WSGI jsonserver_session.__call__: [Wed Dec 27 08:38:06.794961 2017] [:error] [pid 30252] ipa: DEBUG: Created connection context.ldap2_140579793685584 [Wed Dec 27 08:38:06.795154 2017] [:error] [pid 30252] ipa: DEBUG: WSGI jsonserver.__call__: [Wed Dec 27 08:38:06.795242 2017] [:error] [pid 30252] ipa: DEBUG: WSGI WSGIExecutioner.__call__: [Wed Dec 27 08:38:06.810186 2017] [:error] [pid 30252] ipa: DEBUG: raw: idview_add(u'special_host_view', description=u'ID view', ipadomainresolutionorder=u'testrelm.test:pne.qe', version=u'2.228') [Wed Dec 27 08:38:06.810545 2017] [:error] [pid 30252] ipa: DEBUG: idview_add(u'special_host_view', description=u'ID view', ipadomainresolutionorder=u'testrelm.test:pne.qe', all=False, raw=False, version=u'2.228') [Wed Dec 27 08:38:06.811450 2017] [:error] [pid 30252] ipa: DEBUG: retrieving schema for SchemaCache url=ldapi://%2fvar%2frun%2fslapd-TESTRELM-TEST.socket conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x7fdb480fa0e0> [Wed Dec 27 08:38:07.282325 2017] [:error] [pid 30252] ipa: DEBUG: raw: trust_find(None, sizelimit=0, version=u'2.228') [Wed Dec 27 08:38:07.282723 2017] [:error] [pid 30252] ipa: DEBUG: trust_find(None, sizelimit=0, all=False, raw=False, version=u'2.228', pkey_only=False) [Wed Dec 27 08:38:07.304696 2017] [:error] [pid 30252] ipa: DEBUG: raw: trustdomain_find(u'ipaad2016.test', None, sizelimit=0, version=u'2.228') [Wed Dec 27 08:38:07.305166 2017] [:error] [pid 30252] ipa: DEBUG: trustdomain_find(u'ipaad2016.test', None, sizelimit=0, all=False, raw=False, version=u'2.228', pkey_only=False) [Wed Dec 27 08:38:07.317303 2017] [:error] [pid 30252] ipa: DEBUG: raw: trustdomain_find(u'pne.qe', None, sizelimit=0, version=u'2.228') [Wed Dec 27 08:38:07.317703 2017] [:error] [pid 30252] ipa: DEBUG: trustdomain_find(u'pne.qe', None, sizelimit=0, all=False, raw=False, version=u'2.228', pkey_only=False) [Wed Dec 27 08:38:07.347503 2017] [:error] [pid 30252] ipa: DEBUG: WSGI wsgi_execute PublicError: Traceback (most recent call last): [Wed Dec 27 08:38:07.347543 2017] [:error] [pid 30252] File "/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py", line 367, in wsgi_execute [Wed Dec 27 08:38:07.347549 2017] [:error] [pid 30252] result = command(*args, **options) [Wed Dec 27 08:38:07.347555 2017] [:error] [pid 30252] File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 447, in __call__ [Wed Dec 27 08:38:07.347559 2017] [:error] [pid 30252] return self.__do_call(*args, **options) [Wed Dec 27 08:38:07.347564 2017] [:error] [pid 30252] File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 475, in __do_call [Wed Dec 27 08:38:07.347569 2017] [:error] [pid 30252] ret = self.run(*args, **options) [Wed Dec 27 08:38:07.347573 2017] [:error] [pid 30252] File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 797, in run [Wed Dec 27 08:38:07.347578 2017] [:error] [pid 30252] return self.execute(*args, **options) [Wed Dec 27 08:38:07.347582 2017] [:error] [pid 30252] File "/usr/lib/python2.7/site-packages/ipaserver/plugins/baseldap.py", line 1190, in execute [Wed Dec 27 08:38:07.347587 2017] [:error] [pid 30252] self._exc_wrapper(keys, options, ldap.add_entry)(entry_attrs) [Wed Dec 27 08:38:07.347607 2017] [:error] [pid 30252] File "/usr/lib/python2.7/site-packages/ipaserver/plugins/baseldap.py", line 1100, in wrapped [Wed Dec 27 08:38:07.347613 2017] [:error] [pid 30252] return func(*call_args, **call_kwargs) [Wed Dec 27 08:38:07.347618 2017] [:error] [pid 30252] File "/usr/lib/python2.7/site-packages/ipaserver/plugins/baseldap.py", line 1109, in exc_func [Wed Dec 27 08:38:07.347622 2017] [:error] [pid 30252] self, keys, options, e, call_func, *args, **kwargs) [Wed Dec 27 08:38:07.347627 2017] [:error] [pid 30252] File "/usr/lib/python2.7/site-packages/ipaserver/plugins/baseldap.py", line 1253, in exc_callback [Wed Dec 27 08:38:07.347632 2017] [:error] [pid 30252] raise exc [Wed Dec 27 08:38:07.347636 2017] [:error] [pid 30252] ObjectclassViolation: attribute "ipaDomainResolutionOrder" not allowed [Wed Dec 27 08:38:07.347640 2017] [:error] [pid 30252] [Wed Dec 27 08:38:07.347894 2017] [:error] [pid 30252] ipa: INFO: [jsonserver_session] admin@TESTRELM.TEST: idview_add/1(u'special_host_view', description=u'ID view', ipadomainresolutionorder=u'testrelm.test:pne.qe', version=u'2.228'): ObjectclassViolation [Wed Dec 27 08:38:07.349809 2017] [:error] [pid 30252] ipa: DEBUG: Destroyed connection context.ldap2_140579793685584 Expected results: Objectclass violation error should be fixed and view should be created as in the example mentioned in the below url. Additional info: Tried testcase specified in https://www.freeipa.org/page/V4/AD_User_Short_Names
Metadata Update from @frenaud: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1529444
Metadata Update from @frenaud: - Issue assigned to frenaud
Metadata Update from @frenaud: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/1437
master:
https://github.com/freeipa/freeipa/pull/1437 does not apply cleanly to 4.6 and 4.5. Please create a manual backport.
Metadata Update from @frenaud: - Issue set to the milestone: FreeIPA 4.5.5
ipa-4-5:
ipa-4-6:
Metadata Update from @cheimes: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.