Unable to update DNS Record using UDM REST API

Rudi · June 3, 2022, 2:35pm

Hello!

Attempting to use the REST API’s PUT /dns/host_record/{dn} endpoint is returning to me a status code of 201, and a message that the record is being updated. Wonderful! However, my test is failing because on retrieval via the same GET endpoint is returning the old address to me. When I log into the UMC to look up what the value is there, it is also showing as the old address.

The directory-manager-rest.log file is entirely empty, so I might be looking at the wrong file. Any advice on where to look for error messages, or if the solution to this question is obvious to someone else would be greatly appreciated!

~Rudi

Rudi · June 3, 2022, 4:29pm

This also seems to be happening if I PUT to /users/user/{dn} to try and update a user’s ‘Description’ field (just a random field I don’t use except for testing). Does the REST API work for more than just retrieval?

I find it worth noting- I am retrieving the User object first using GET /users/user/{dn}, making my modification and noting the Etag, then sending the PUT with the modified object, and the Etag added as a header.

Best · June 7, 2022, 9:11am

directory-manager-rest.log is the correct logfile and should not be emtpy - try restarting the service. I think there is a bug with the logrotation which causes the logfile to be emptied.

201 means Created and contains a Location header with a URI giving more information.
If you want to modify a object via PUT 201 should not occur - it seems something in the request is wrong then.
If you want to create a object better use POST /udm/dns/host_record/ instead of PUTing it.

Please post your exact requests and responses.

Rudi · July 12, 2022, 9:46pm

To modify a host_record, I’m sending a PUT request to /univention/udm/dns/host_record/$dn with the following body:

{
	"Etag": "\"censored\"",
	"dn": "relativeDomainName=test,zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus",
	"objectType": "dns/host_record",
	"id": "test",
	"position": "relativeDomainName=test,zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus",
	"properties": {
		"a": ["72.143.8.77"],
		"name": "test",
		"accountActivationDate": {},
		"umcProperty": {}
	},
	"options": {},
	"policies": {},
	"uri": "https://oogieboogie.nightmare.haus/univention/udm/dns/host_record/relativeDomainName%3Dtest%2CzoneName%3Dnightmare.haus%2Ccn%3Ddns%2Cdc%3Dnightmare%2Cdc%3Dhaus",
	"_links": {
		"self": [{
			"name": "relativeDomainName=test,zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus",
			"title": "test",
			"href": "https://oogieboogie.nightmare.haus/univention/udm/dns/host_record/relativeDomainName%3Dtest%2CzoneName%3Dnightmare.haus%2Ccn%3Ddns%2Cdc%3Dnightmare%2Cdc%3Dhaus"
		}]
	},
	"uuid": "censored"
}

I am getting a 201 response back:

{
	"id": "censored",
	"finished": false,
	"errors": false,
	"_links": {
		"curies": [{
			"name": "udm",
			"templated": true,
			"href": "https://oogieboogie.nightmare.haus/univention/udm/relation/{rel}"
		}]
	}
}

Then when checking the record: got 0.0.0.0 want 72.143.8.77

Rudi · July 12, 2022, 10:07pm

I don’t think 201 is the proper response REST should be returning, I manged to get the following from the log file:

12.07.22 18:04:11.867  MODULE      ( INFO    ) : Found LDAP object relativeDomainName=test,zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus
12.07.22 18:04:11        INFO      (     4018) : 201 PUT /udm/dns/host_record/relativeDomainName=test,zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus (127.0.0.1) 37.20ms
12.07.22 18:04:11        INFO      (     4039) : 201 PUT /udm/dns/host_record/relativeDomainName=test,zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus (0.0.0.0) 35.78ms
12.07.22 18:04:11.897  ADMIN       ( INFO    ) : identify: found module dns/host_record on relativeDomainName=test,zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus
12.07.22 18:04:11.900  ADMIN       ( INFO    ) : identify: found module dns/forward_zone on zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus
12.07.22 18:04:11.900  LDAP        ( INFO    ) : uldap.search filter=(&(objectClass=dNSZone)(relativeDomainName=@)(!(zoneName=*.in-addr.arpa))(!(zoneName=*.ip6.arpa))) base=zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus scope=base attr=['*', 'entryUUID', 'entryCSN', 'modifyTimestamp'] unique=1 required=1 timeout=-1 sizelimit=0
12.07.22 18:04:11.904  MODULE      ( INFO    ) : Moving LDAP object relativeDomainName=test,zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus to relativeDomainName=test,relativeDomainName=test,zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus
12.07.22 18:04:11.904  ADMIN       ( INFO    ) : move: called for relativeDomainName=test,zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus to relativeDomainName=test,relativeDomainName=test,zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus
12.07.22 18:04:11.905  MODULE      ( WARN    ) : Failed to move LDAP object relativeDomainName=test,zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus: invalidOperation: Objects of the "dns/host_record" object type can not be moved.
12.07.22 18:04:11       ERROR      (     4039) : Uncaught exception PUT /udm/dns/host_record/relativeDomainName=test,zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus (0.0.0.0)
    HTTPServerRequest(protocol='http', host='oogieboogie.nightmare.haus', method='PUT', uri='/udm/dns/host_record/relativeDomainName=test,zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus', version='HTTP/1.1', remote_ip='0.0.0.0')
    Traceback (most recent call last):
      File "/usr/lib/python3/dist-packages/univention/management/console/modules/udm/udm_ldap.py", line 586, in move
        obj.move(dest)
      File "/usr/lib/python3/dist-packages/univention/admin/handlers/__init__.py", line 706, in move
        raise univention.admin.uexceptions.invalidOperation(_('Objects of the "%s" object type can not be moved.') % (self.module,))
    univention.admin.uexceptions.invalidOperation: Objects of the "dns/host_record" object type can not be moved.
    
    During handling of the above exception, another exception occurred:
    
    Traceback (most recent call last):
      File "/usr/lib/python3/dist-packages/tornado/web.py", line 1592, in _execute
        result = yield result
      File "/usr/lib/python3/dist-packages/tornado/gen.py", line 1133, in run
        value = future.result()
      File "/usr/lib/python3/dist-packages/tornado/gen.py", line 1141, in run
        yielded = self.gen.throw(*exc_info)
      File "/usr/lib/python3/dist-packages/univention/admin/rest/module.py", line 2849, in put
        yield self.move(module, dn, position)
      File "/usr/lib/python3/dist-packages/tornado/gen.py", line 1133, in run
        value = future.result()
      File "/usr/lib/python3/dist-packages/tornado/gen.py", line 1141, in run
        yielded = self.gen.throw(*exc_info)
      File "/usr/lib/python3/dist-packages/univention/admin/rest/module.py", line 3012, in move
        dn = yield self.pool.submit(module.move, dn, position)
      File "/usr/lib/python3/dist-packages/tornado/gen.py", line 1133, in run
        value = future.result()
      File "/usr/lib/python3.7/concurrent/futures/_base.py", line 425, in result
        return self.__get_result()
      File "/usr/lib/python3.7/concurrent/futures/_base.py", line 384, in __get_result
        raise self._exception
      File "/usr/lib/python3.7/concurrent/futures/thread.py", line 57, in run
        result = self.fn(*self.args, **self.kwargs)
      File "/usr/lib/python3/dist-packages/univention/management/console/modules/udm/udm_ldap.py", line 590, in move
        UDM_Error(e).reraise()
      File "/usr/lib/python3/dist-packages/univention/management/console/modules/udm/udm_ldap.py", line 363, in reraise
        six.reraise(self.__class__, self, self.exc_info[2])
      File "/usr/lib/python3/dist-packages/six.py", line 692, in reraise
        raise value.with_traceback(tb)
      File "/usr/lib/python3/dist-packages/univention/management/console/modules/udm/udm_ldap.py", line 586, in move
        obj.move(dest)
      File "/usr/lib/python3/dist-packages/univention/admin/handlers/__init__.py", line 706, in move
        raise univention.admin.uexceptions.invalidOperation(_('Objects of the "%s" object type can not be moved.') % (self.module,))
    univention.management.console.modules.udm.udm_ldap.UDM_Error: This operation is not allowed on this object. Objects of the "dns/host_record" object type can not be moved.
12.07.22 18:04:11.985  MODULE      ( INFO    ) : Searching for LDAP objects: container = , filter = relativeDomainName=test, superordinate = None
12.07.22 18:04:11.986  LDAP        ( INFO    ) : uldap.search filter=(&(objectClass=dNSZone)(!(relativeDomainName=@))(!(zoneName=*.in-addr.arpa))(!(zoneName=*.ip6.arpa))(!(cNAMERecord=*))(!(sRVRecord=*))(|(aRecord=*)(aAAARecord=*)(mXRecord=*)(univentionObjectType=dns/host_record))(relativeDomainName=test)) base= scope=sub attr=['*', 'entryUUID', 'entryCSN', 'modifyTimestamp'] unique=0 required=0 timeout=-1 sizelimit=400000

Best · July 26, 2022, 4:53pm

The problem is that the position contains the DN of the object you are trying to modify.
Fix it by using the original position:

"position": "zoneName=nightmare.haus,cn=dns,dc=nightmare,dc=haus",

The underlying issue is probably how you are constructing the request. You should fetch the current data and modify it accordingly instead of manually building/creating a request payload.