Problem: User cannot be added to a group

Problem:

The user cannot be added to a group, neither in the web interface nor on the command line.

Investigation:

Check if:

  • Is memberOf activated on all servers?
  • Does /usr/share/univention-directory-manager-tools/proof_uniqueMembers -c
    show any complaints?
  • Is the user shown as a member of the group?
  • Are groups added and deleted via a script?

Explanation:

Background of the function of adding groups
Neither the command line nor, presumably, the UMC checks that a user actually exists when the user is added to a group. If the user is created afterwards, the group is not added to the user at that point. If you then try to add the group to the user, the group is checked to see whether the user is already in it; the user is found there, and therefore nothing happens to the user.
memberOf is the mechanism that gives the user the group when the user is added to the group.
MemberOf checks whether it finds the user when the user is added to the group and then adds the group to the user. If it does not find the user, memberOf shrugs its shoulders and moves on to other things. This is why this situation can occur. I suspect that the user did not exist at the time he was added to the group.
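
The mismatch described above can be listed from an LDIF export. The following is an added example, not part of the original article or of Univention's tooling: it reports every `uniqueMember` value whose entry is missing or lacks the matching `memberOf`. It assumes the export contains all user and group entries with `uniqueMember` and `memberOf` requested and no base64-encoded values; the `example.org` DNs are constructed sample data.

```python
# Constructed sample export: alice is consistent, bob lacks memberOf,
# carol is listed in the group but has no entry at all.
SAMPLE_LDIF = """\
dn: cn=staff,cn=groups,dc=example,dc=org
uniqueMember: uid=alice,cn=users,dc=example,dc=org
uniqueMember: uid=bob,cn=users,dc=example,dc=org
uniqueMember: uid=carol,cn=users,dc=example,dc=org

dn: uid=alice,cn=users,dc=example,dc=org
memberOf: cn=staff,cn=groups,dc=example,dc=org

dn: uid=bob,cn=users,dc=example,dc=org
uid: bob
"""

def parse_ldif(text):
    """Return {lowercased dn: {lowercased attr: [values]}} for plain LDIF."""
    # Unfold continuation lines (a leading space continues the previous line).
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    entries, current = {}, None
    for line in unfolded.split("\n"):
        if not line.strip():
            current = None  # a blank line ends the current entry
            continue
        if line.startswith("#"):
            continue
        attr, _, value = line.partition(":")
        attr, value = attr.strip().lower(), value.strip()
        if attr == "dn":
            current = entries.setdefault(value.lower(), {})
        elif current is not None:
            current.setdefault(attr, []).append(value)
    return entries

def find_memberof_gaps(entries):
    """List (group_dn, member_dn, problem) where uniqueMember and memberOf disagree."""
    gaps = []
    for group_dn, attrs in entries.items():
        for member in attrs.get("uniquemember", []):
            user = entries.get(member.lower())
            if user is None:
                gaps.append((group_dn, member.lower(), "member entry does not exist"))
            elif group_dn not in (g.lower() for g in user.get("memberof", [])):
                gaps.append((group_dn, member.lower(), "memberOf not set on member"))
    return gaps

if __name__ == "__main__":
    for gap in find_memberof_gaps(parse_ldif(SAMPLE_LDIF)):
        print(" | ".join(gap))
```

An export that omits some user entries will report them as missing, so run it only against a complete export.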

Solution:

  1. Remove the user from the group and re-add him there.
  2. /usr/share/univention-ldap-overlay-memberof/univention-update-memberof
    This script just runs; no help or dry-run option is available.