'univentionFetchmailProtocol' not allowed

I am on Univention Corporate Server 5.0.3 and installed the fetchmail from the app center a long time ago.
When I want to save changed user attributes I get the following error message, even when this user never had fetchmail configured and I do not want to change these attributes at all.

The LDAP object could not be saved: LDAP Error: Object class violation: attribute ‘univentionFetchmailProtocol’ not allowed.

I suppose that the attribute field only can have the two options IMAP and POP3. But when I change the contents I must also fill in the other parameters as Remote Server and username and password.

Pleas change the definition for fetchmaiProtocol to accept empty values.
Regards, Peter

I had the same issue. AFAIK the attribute is legacy and was only attached no non-fechtmail accounts. You can identify these accounts via univention-ldapsearch univentionFetchmailProtocol=IMAP dn.

You can delete the attribute via

ldapmodify -D "cn=admin,$(ucr get ldap/base)" -y /etc/ldap.secret <<__LDIF__
dn: $dn_of_object
changetype: modify
delete: univentionFetchmailProtocol
1 Like

and thanks for the hint.

Same for “Object class violation: attribute ‘univentionFetchmailUseSSL’ not allowed.”?

Best regards,

Yes. The working entries are now stored in the new attribute univentionFetchmailSingle. The migration is probably done by the fechtmail joinscript but it ignores all non-working entries.

1 Like

Aaaand same for “univentionFetchmailKeepMailOnServer”

You know what?
You have helped me to solve a problem, which for some unknown reason started today at about 4 o’clock in the morning and has been bothering me ever since:

14.03.2023 04:53:58.232 LDAP        (PROCESS): sync AD > UCS: [          user] [    modify] 'uid=somename,ou=somesub,ou=users,ou=mybusiness,dc=domain,dc=local'
14.03.23 04:53:58.285  ADMIN       ( WARN    ) : The attribute 'entryCSN' is not allowed by any object class.
14.03.2023 04:53:58.287 LDAP        (ERROR  ): Unknown Exception during sync_to_ucs

Since then, little by little, more and more users without fetchmail - even those used for service purposes only - have had S4 rejects.

Fortunately, Prometheus Monitoring brought this to my attention.

I would never have associated this with the old fetchmail attributes, because this was not immediately visible for me in /var/log/univention/connector-s4.log

Really weird that it started without any intervention (also no UCS update immediately before) on my part.

:pray: many, many thanks :pray:


Maybe the respective errata updates could have triggered the S4 error, @scheinig?


Best regards,

Hello SirTux,
ldapmodify and delete univentionFetchmailProtocol was the solution for my problem.
Thank you!
Regards, Peter

1 Like

I would not say “triggered”, but I have got an other report about the connector reject, and created an other Bug:

1 Like