I’m currently testing an UCS Memberserver (version 4.4-3 errata438) in an AD-Domain (SBS 2011). The UCS Memberserver holds the Kopano Core, WebApp etc.
It looks like almost all AD entries have been successfully replicated to LDAP. But one user account seems to have a problem. I wasn’t able to change the primary e-mail address at this user. That means I changed it on the Windows AD Server and the e-mail address was not replicate to LDAP. In LDAP still the old e-mail address is listed. In the connection.log I found the following:
05.02.2020 16:24:21.188 LDAP (PROCESS): sync to ucs: Resync rejected dn: CN=Max Meier,OU=myOU,OU=Benutzer,DC=mydomain,DC=local 05.02.2020 16:24:21.198 LDAP (PROCESS): sync to ucs: [ user] [ add] uid=meier,ou=myOU,ou=benutzer,dc=mydomain,dc=local 05.02.2020 16:24:21.218 LDAP (ERROR ): Unknown Exception during sync_to_ucs 05.02.2020 16:24:21.218 LDAP (ERROR ): Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/univention/connector/__init__.py", line 1278, in sync_to_ucs result = self.add_in_ucs(property_type, object, module, position) File "/usr/lib/python2.7/dist-packages/univention/connector/__init__.py", line 1124, in add_in_ucs return bool(ucs_object.create()) File "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", line 555, in create self._ldap_pre_ready() File "/usr/lib/python2.7/dist-packages/univention/admin/handlers/users/user.py", line 1648, in _ldap_pre_ready raise univention.admin.uexceptions.mailAddressUsed(self['mailPrimaryAddress']) mailAddressUsed: email@example.com
"firstname.lastname@example.org" is the old address.
For testing purposes I deleted the user account in AD. Now the error is gone but the user account is still listed in LDAP.
Any ideas how to fix that and get rid of this orphaned user account in LDAP?
Thanks in advance