ldap.DECODING_ERROR when adding LDAP-container

letmesetupthis · February 14, 2022, 12:42pm

I get a ldap.DECODING_ERROR when adding LDAP-container usign this:

udm container/cn create \
--position "cn=custom attributes,cn=univention,$ldap_base" \
--set name="Nextcloud"

The Error:

Traceback (most recent call last):
  File "/usr/share/univention-directory-manager-tools/univention-cli-server", line 213, i                                                                                                                          n doit
    output = univention.admincli.admin.doit(arglist)
  File "/usr/lib/python3/dist-packages/univention/admincli/admin.py", line 380, in doit
    out = _doit(arglist)
  File "/usr/lib/python3/dist-packages/univention/admincli/admin.py", line 564, in _doit
    position.setDn(position_dn)
  File "/usr/lib/python3/dist-packages/univention/admin/uldap.py", line 293, in setDn
    dn = ldap.dn.str2dn(dn)
  File "/usr/lib/python3/dist-packages/ldap/dn.py", line 52, in str2dn
    return ldap.functions._ldap_function_call(None,_ldap.str2dn,dn,flags)
  File "/usr/lib/python3/dist-packages/ldap/functions.py", line 55, in _ldap_function_cal                                                                                                                          l
    result = func(*args,**kwargs)
ldap.DECODING_ERROR

letmesetupthis · February 14, 2022, 1:06pm

creating the object with the correct domain isntead of the variable “$ldap_base” works.

Grandjean · February 14, 2022, 2:01pm

The ldap.DECODING_ERROR is typical if the $ldap_base variable is empty. UDM then tries to create an object at cn=Nextcloud,cn=custom attributes,cn=univention, - which is not a valid DN.

To make this work, you need to first set ldap_base to an actual value. The most convenient way to do this:

eval "$(ucr shell ldap/base)"

This will add $ldap_base to your shell variables with the value of the UCR variable ldap/base. You can check with:

echo $ldap_base

You can even load all UCR variables as shell variables by simply executing:

eval "$(ucr shell)"
# happy shell scripting:
printf "Your DNS Forwarder is: $dns_forwarder1 \nYour DNS Nameserver is: $nameserver1 \nYour LDAP server is: $ldap_server_name \nUsed repository server: $repository_online_server \nAre updates available? $update_available \n"