Problem:
User is created in the wrong ou
univention-ldapsearch -xLLL uid=bernhard* dn | grep dn
dn: uid=bernd.schuler,cn=lehrer,cn=users,ou=sun,dc=schein,dc=me
ldapsearch -xLLL -h $(ucr get connector/ad/ldap/host) -p $(ucr get connector/ad/ldap/port) -D "$(ucr get connector/ad/ldap/binddn)" -b "$(ucr get connector/ad/ldap/base)" -w $(cat $(ucr get connector/ad/ldap/bindpw)) 'cn=bernd*' dn | grep dn
dn: CN=bernd schuler,OU=User,OU=Medien,DC=sunschein,DC=lan
Investigation:
The Connector has two SQLITE tables for the mapping:
sqlite3 /etc/univention/connector/internal.sqlite 'select * from "DN Mapping CON"' |grep bernd
cn=bernd schuler,ou=user,ou=medien,dc=sunschein,dc=lan|uid=bernd.schuler,cn=lehrer,cn=users,ou=sun,dc=schein,dc=me
sqlite3 /etc/univention/connector/internal.sqlite 'select * from "DN Mapping UCS"' |grep bernd
uid=bernhard.schuler,cn=lehrer,cn=users,ou=sun,dc=schein,dc=me|cn=bernd schuler,ou=user,ou=medien,dc=sunschein,dc=lan
Solution:
- remove user from ad
- remove the user from the database (both tables)
- ucr set connector/debug/function=β1β
- ucr set connector/debug/level=β4β
- logrotate -f univention-ad-connector
- systemctl restart univention-ad-connector.service
- udm users/user modify --set description=βTest20180503β --dn uid=bernd.schuler,cn=lehrer,cn=users,ou=sun,dc=schein,dc=me