How-to: UCS@school import - Used no-overwrite-attributes - no-overwrite-by-schema

Knowledge Base Community
, , ,
#1

How to:

When re-importing users from existing users in LDAP, certain attributes should not be overwritten by the import. A helpful message on this can be found in the /var/log/univention/ucs-school-import.log

2024-12-16 11:07:30 INFO  tasks.run_import_job:114  -- Starting import job... --
2024-12-16 11:07:30 DEBUG import_user.ImportUser:134  Used no-overwrite-attributes: ['mailPrimaryAddress', 'uid']

Solution

The following UCRV can be used so that certain attributes are defined and taken into account during further import and none are overwritten.

ucr set ucsschool/import/generate/user/attributes/no-overwrite-by-schema="mailPrimaryAddress username uid mail"

Investigation

The information from the UCRV.

ucr info ucsschool/import/generate/user/attributes/no-overwrite-by-schema

ucsschool/import/generate/user/attributes/no-overwrite-by-schema: <empty>
 Whitespace separated list of LDAP attributes that the user import should not overwrite if their values are non-empty in LDAP, empty in the input data (CSV) and a schema for them exists. Default value if UCR variable is unset: "mailPrimaryAddress username"
 Categories: ucsschool-base
 Default: (not set)
 Type: str

For example, you can check the attributes from an existing user account with an univention-ldapsearch

univention-ldapsearch -LLL uid=m.muster '+' '*' | less

dn: uid=m.muster,cn=schueler,cn=users,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
krb5MaxLife: 86400
krb5MaxRenew: 604800
uidNumber: 2725
givenName: Max
sn: Muster
gecos: Max Muster
displayName: Max Muster
departmentNumber: mejneschool2
homeDirectory: /home/mejneschool2/schueler/m.muster
loginShell: /bin/bash
sambaHomePath: \\mejneschool2\m.muster
sambaLogonScript: ucs-school-logon.vbs
sambaProfilePath: %LOGONSERVER%\%USERNAME%\windows-profiles\default
sambaHomeDrive: I:
mailForwardCopyToSelf: 0
ucsschoolSchool: mejneschool2
ucsschoolRole: student:school:mejneschool2
kopanoMrProcess: 1
kopanoMrAcceptConflict: 1
kopanoMrAcceptRecurring: 1
kopano4ucsRole: none
univentionMailUserQuota: 0
cn: Max Muster
krb5PrincipalName: m.muster@UCS5SCHOOLHEJNE.INTRANET
krb5KDCFlags: 126
sambaBadPasswordCount: 0
sambaBadPasswordTime: 0
sambaAcctFlags: [U          ]
objectClass: shadowAccount
objectClass: organizationalPerson
objectClass: ucsschoolStudent
objectClass: top
objectClass: univentionPWHistory
objectClass: person
objectClass: krb5KDCEntry
objectClass: automount
objectClass: krb5Principal
objectClass: posixAccount
objectClass: univentionObject
objectClass: sambaSamAccount
objectClass: kopano-user
objectClass: inetOrgPerson
objectClass: univentionMail
objectClass: ucsschoolType
sambaSID: S-1-5-21-1150003711-260972013-2878653590-6450
gidNumber: 5305
sambaPrimaryGroupSID: S-1-5-21-1150003711-260972013-2878653590-11611
kopanoAccount: 0
kopanoAdmin: 0
kopanoSharedStoreOnly: 0
univentionObjectType: users/user
structuralObjectClass: inetOrgPerson
entryUUID: 129def2a-b128-103e-9d0d-2f8300dd3882
creatorsName: uid=Administrator,cn=users,dc=ucs5schoolhejne,dc=intranet
createTimestamp: 20240528102330Z
memberOf: cn=Domain Users mejneschool2,cn=groups,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
memberOf: cn=schueler-mejneschool2,cn=groups,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
memberOf: cn=mejneschool2-Mejne2-Gruppe,cn=schueler,cn=groups,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
memberOf:: Y249bWVqbmVzY2hvb2wyLVDDhEQxMEZLX1BhZWRhZ29naWtfMTAsY249a2xhc3Nlbixjbj1zY2h1ZWxlcixjbj1ncm91cHMsb3U9bWVqbmVzY2hvb2wyLGRjPXVjczVzY2hvb2xoZWpuZSxkYz1pbnRyYW5ldA==
memberOf: cn=mejneschool2-Univention-Workgroup,cn=schueler,cn=groups,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
memberOf: cn=mejneschool2-Univention-Class,cn=klassen,cn=schueler,cn=groups,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
userPassword:: e2NyeXB0fSQ2JFUxbXBlMTZldksyYWhkcXMkT3NXYUY1cHEwODZLY1RmcHN5eHNIcWc0S2tpNHdrQlVCWjRRMldXWHQwdWtFVVVHOEd1TVpnM2ZsSXpQZVF2Zy82c3pvTVYxWEhOa2pGc1htV3JZbS8=
krb5Key:: MFyhKzApoAMCARKhIgQgMpjLa8R6kQwAMHlxPfqoSC74ZI84GRJTNS/L7bpBhuaiLTAroAMCAQOhJAQiVUNTNVNDSE9PTEhFSk5FLklOVFJBTkVUbWlyYWMuZXJkZQ==
krb5Key:: MEyhGzAZoAMCARGhEgQQvrFe+bCgHQJ+HLrKQJalNaItMCugAwIBA6EkBCJVQ1M1U0NIT09MSEVKTkUuSU5UUkFORVRtaXJhYy5lcmRl
krb5Key:: MEyhGzAZoAMCARehEgQQyqEjnUTaft+Sa8459cZdD6ItMCugAwIBA6EkBCJVQ1M1U0NIT09MSEVKTkUuSU5UUkFORVRtaXJhYy5lcmRl
krb5Key:: MEShEzARoAMCAQGhCgQIUb+KDkmr9OOiLTAroAMCAQOhJAQiVUNTNVNDSE9PTEhFSk5FLklOVFJBTkVUbWlyYWMuZXJkZQ==
krb5Key:: MEShEzARoAMCAQOhCgQIUb+KDkmr9OOiLTAroAMCAQOhJAQiVUNTNVNDSE9PTEhFSk5FLklOVFJBTkVUbWlyYWMuZXJkZQ==
krb5Key:: MEShEzARoAMCAQKhCgQIUb+KDkmr9OOiLTAroAMCAQOhJAQiVUNTNVNDSE9PTEhFSk5FLklOVFJBTkVUbWlyYWMuZXJkZQ==
krb5Key:: MFShIzAhoAMCARChGgQYSrNKTy/Nv3MVhf5bIJQ0UqH3JRqh41eboi0wK6ADAgEDoSQEIlVDUzVTQ0hPT0xIRUpORS5JTlRSQU5FVG1pcmFjLmVyZGU=
krb5KeyVersionNumber: 14
pwhistory: $6$QKFOIDCR/uamiTpr$DBIzUkgPFiSCWKmHNCqjg2sNN2/6LlOGMT0e8Bb0yQfBX3mf7t1mu7KEuulpFawuMJ1ZjniSOzSqq.tvFuW3T0 {NT}$393BE577DA2666AF4917C1815A75E03A $6$q/1lnGuqYU3VEZRK$puH6NGUGFxsKQo3irEk2juYvyi.RY1ghVu3
Ea9n70bl98xCBlvqzG3X3.RFxgAqnCPlNFZMxc1B41siha6olT.
sambaNTPassword: CAA1239D44DA7EDF926BCE39F5C65D0F
sambaPwdLastSet: 1727273691
shadowLastChange: 19991
uid: m.muster
mailPrimaryAddress: m.muster@univention.de
mail: m.muster@testing.de
entryCSN: 20241216140958.264151Z#000000#000#000000
modifiersName: uid=Administrator,cn=users,dc=ucs5schoolhejne,dc=intranet
modifyTimestamp: 20241216140958Z
entryDN: uid=m.muster,cn=schueler,cn=users,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE

See also:

#2
Mastodon