Update to 4.3 breaks on 98univention-samba4-saml-kerberos.inst

ucs-4-3

#5
root@ucsmaster:~# ucr get server/role
domaincontroller_master

User ucs-sso is there

root@ucsmaster:~# univention-ldapsearch uid=ucs-sso dn
# extended LDIF
#
# LDAPv3
# base <dc=sunhut,dc=local> (default) with scope subtree
# filter: uid=ucs-sso
# requesting: dn
#

# ucs-sso, users, sunhut.local
dn: uid=ucs-sso,cn=users,dc=sunhut,dc=local

# search result
search: 3
result: 0 Success

# numResponses: 2
# numEntries: 1

#6

Is the User also in Samba/AD?

root@ucsmaster:~# univention-s4search cn=ucs-sso dn

#7
root@ucsmaster:~# univention-s4search cn=ucs-sso dn
# Referral
ref: ldap://sunhut.local/CN=Configuration,DC=sunhut,DC=local

# Referral
ref: ldap://sunhut.local/DC=DomainDnsZones,DC=sunhut,DC=local

# Referral
ref: ldap://sunhut.local/DC=ForestDnsZones,DC=sunhut,DC=local

# returned 3 records
# 0 entries
# 3 referrals

#9

Are there rejects?

univention-s4connector-list-rejected 

#10
UCS rejected

    1:   UCS DN: cn=wordpress-editors,cn=groups,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1518558649.329305

    2:   UCS DN: cn=wordpress-subscribers,cn=groups,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1518558709.706466

    3:   UCS DN: cn=wordpress-contributors,cn=groups,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1518558717.941413

    4:   UCS DN: uid=ucs-sso,cn=users,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1521109909.139284

    5:   UCS DN: cn=ucstest,cn=memberserver,cn=computers,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1518558757.576695

    6:   UCS DN: cn=owncl-09688169,cn=memberserver,cn=computers,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1518558798.928324

    7:   UCS DN: cn=wordp-30672859,cn=memberserver,cn=computers,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1518558799.289862

    8:   UCS DN: cn=wordpress-authors,cn=groups,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1518559327.296853

    9:   UCS DN: uid=ucs-sso,cn=users,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1521095384.102680

   10:   UCS DN: uid=ucs-sso,cn=users,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1521095398.944389

   11:   UCS DN: cn=wordpress-editors,cn=groups,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1518559327.297008

   12:   UCS DN: cn=ucstest,cn=memberserver,cn=computers,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1520467745.618183

   13:   UCS DN: cn=wordpress-subscribers,cn=groups,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1518559327.298613

   14:   UCS DN: uid=ldapper-s-ucsutil,cn=users,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1521101400.719149

   15:   UCS DN: cn=wordpress-contributors,cn=groups,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1518559327.299055

   16:   UCS DN: cn=wordpress-authors,cn=groups,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1518558648.908471


S4 rejected

#11

Ok that explains it.
https://help.univention.com/t/how-to-deal-with-s4-connector-rejects/33


#12

Can you please explain


#13

What do you don’t understand exactly? You’ve to handle the rejects as explained in the FAQ article.


#14

Removing rejected objects and resync does not help. The Samba AD is not populated from LDAP.


#15

What’s written in the log file /var/log/univention/connector-s4.log


#16
root@ucsmaster:~# /usr/share/univention-s4-connector/remove_ucs_rejected.py uid=ucs-sso,cn=users,dc=sunhut,dc=local
The rejected UCS object uid=ucs-sso,cn=users,dc=sunhut,dc=local has been removed.
root@ucsmaster:~# univention-s4connector-list-rejected

UCS rejected


S4 rejected


There may be no rejected DNs if the connector is in progress, to be
sure stop the connector before running this script.


        last synced USN: 10040
root@ucsmaster:~# /usr/share/univention-s4-connector/resync_object_from_ucs.py --filter uid=ucs-sso
resync triggered for uid=ucs-sso,cn=users,dc=sunhut,dc=local
root@ucsmaster:~#
root@ucsmaster:~# univention-s4connector-list-rejected

UCS rejected

    1:   UCS DN: uid=ucs-sso,cn=users,dc=sunhut,dc=local
          S4 DN: <not found>
         Filename: /var/lib/univention-connector/s4/1521193147.971995


S4 rejected


        last synced USN: 10040
root@ucsmaster:~#
15.03.2018 15:04:40,679 MAIN        (------ ): DEBUG_INIT
15.03.2018 15:14:40,94 MAIN        (------ ): DEBUG_INIT
15.03.2018 15:24:43,416 MAIN        (------ ): DEBUG_INIT
15.03.2018 15:34:42,254 MAIN        (------ ): DEBUG_INIT
15.03.2018 15:44:45,164 MAIN        (------ ): DEBUG_INIT
15.03.2018 15:54:41,249 MAIN        (------ ): DEBUG_INIT
15.03.2018 16:04:41,40 MAIN        (------ ): DEBUG_INIT
15.03.2018 16:14:49,348 MAIN        (------ ): DEBUG_INIT
15.03.2018 16:24:45,445 MAIN        (------ ): DEBUG_INIT
15.03.2018 16:34:43,418 MAIN        (------ ): DEBUG_INIT
15.03.2018 16:44:39,793 MAIN        (------ ): DEBUG_INIT
15.03.2018 16:52:52,275 MAIN        (------ ): DEBUG_INIT
15.03.2018 16:54:43,53 MAIN        (------ ): DEBUG_INIT
15.03.2018 17:04:40,11 MAIN        (------ ): DEBUG_INIT
15.03.2018 17:14:41,928 MAIN        (------ ): DEBUG_INIT
15.03.2018 17:24:41,894 MAIN        (------ ): DEBUG_INIT
15.03.2018 17:34:44,804 MAIN        (------ ): DEBUG_INIT
15.03.2018 17:44:42,354 MAIN        (------ ): DEBUG_INIT
15.03.2018 17:54:45,169 MAIN        (------ ): DEBUG_INIT
15.03.2018 18:04:41,407 MAIN        (------ ): DEBUG_INIT
15.03.2018 18:14:41,998 MAIN        (------ ): DEBUG_INIT
15.03.2018 18:24:42,68 MAIN        (------ ): DEBUG_INIT
15.03.2018 18:34:50,989 MAIN        (------ ): DEBUG_INIT
15.03.2018 18:44:41,873 MAIN        (------ ): DEBUG_INIT
15.03.2018 18:54:42,405 MAIN        (------ ): DEBUG_INIT
15.03.2018 19:04:45,435 MAIN        (------ ): DEBUG_INIT
15.03.2018 19:14:47,904 MAIN        (------ ): DEBUG_INIT
15.03.2018 19:24:44,241 MAIN        (------ ): DEBUG_INIT
15.03.2018 19:34:44,155 MAIN        (------ ): DEBUG_INIT
15.03.2018 19:44:38,883 MAIN        (------ ): DEBUG_INIT
15.03.2018 19:54:37,654 MAIN        (------ ): DEBUG_INIT
15.03.2018 20:04:38,243 MAIN        (------ ): DEBUG_INIT
15.03.2018 20:14:46,307 MAIN        (------ ): DEBUG_INIT
15.03.2018 20:22:11,938 MAIN        (------ ): DEBUG_INIT
15.03.2018 20:24:43,964 MAIN        (------ ): DEBUG_INIT
15.03.2018 20:34:38,382 MAIN        (------ ): DEBUG_INIT
15.03.2018 20:44:40,60 MAIN        (------ ): DEBUG_INIT
15.03.2018 20:47:28,174 MAIN        (------ ): DEBUG_INIT
15.03.2018 20:47:28,266 paramiko.transport (DEBUG  ): EOF in transport thread
15.03.2018 20:47:28,306 paramiko.transport (DEBUG  ): starting thread (client mode): 0xbc08fe10L
15.03.2018 20:47:28,306 paramiko.transport (DEBUG  ): Local version/idstring: SSH-2.0-paramiko_2.0.0
15.03.2018 20:47:28,315 paramiko.transport (DEBUG  ): Remote version/idstring: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3A~4.2.0.201702101826
15.03.2018 20:47:28,315 paramiko.transport (INFO   ): Connected (version 2.0, client OpenSSH_6.7p1)
15.03.2018 20:47:28,320 paramiko.transport (DEBUG  ): kex algos:[u'gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==', u'gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==', u'gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==', u'curve25519-sha256@libssh.org', u'ecdh-sha2-nistp256', u'ecdh-sha2-nistp384', u'ecdh-sha2-nistp521', u'diffie-hellman-group-exchange-sha256', u'diffie-hellman-group14-sha1'] server key:[u'ssh-rsa', u'ecdsa-sha2-nistp256'] client encrypt:[u'aes128-ctr', u'aes192-ctr', u'aes256-ctr', u'aes128-gcm@openssh.com', u'aes256-gcm@openssh.com', u'chacha20-poly1305@openssh.com'] server encrypt:[u'aes128-ctr', u'aes192-ctr', u'aes256-ctr', u'aes128-gcm@openssh.com', u'aes256-gcm@openssh.com', u'chacha20-poly1305@openssh.com'] client mac:[u'umac-64-etm@openssh.com', u'umac-128-etm@openssh.com', u'hmac-sha2-256-etm@openssh.com', u'hmac-sha2-512-etm@openssh.com', u'hmac-sha1-etm@openssh.com', u'umac-64@openssh.com', u'umac-128@openssh.com', u'hmac-sha2-256', u'hmac-sha2-512', u'hmac-sha1'] server mac:[u'umac-64-etm@openssh.com', u'umac-128-etm@openssh.com', u'hmac-sha2-256-etm@openssh.com', u'hmac-sha2-512-etm@openssh.com', u'hmac-sha1-etm@openssh.com', u'umac-64@openssh.com', u'umac-128@openssh.com', u'hmac-sha2-256', u'hmac-sha2-512', u'hmac-sha1'] client compress:[u'none', u'zlib@openssh.com'] server compress:[u'none', u'zlib@openssh.com'] client lang:[u''] server lang:[u''] kex follows?False
15.03.2018 20:47:28,321 paramiko.transport (DEBUG  ): Kex agreed: diffie-hellman-group14-sha1
15.03.2018 20:47:28,321 paramiko.transport (DEBUG  ): Cipher agreed: aes128-ctr
15.03.2018 20:47:28,321 paramiko.transport (DEBUG  ): MAC agreed: hmac-sha2-256
15.03.2018 20:47:28,321 paramiko.transport (DEBUG  ): Compression agreed: none
15.03.2018 20:47:28,371 paramiko.transport (DEBUG  ): kex engine KexGroup14 specified hash_algo <built-in function openssl_sha1>
15.03.2018 20:47:28,372 paramiko.transport (DEBUG  ): Switch to new keys ...
15.03.2018 20:47:28,415 paramiko.transport (DEBUG  ): userauth is OK
15.03.2018 20:47:28,418 paramiko.transport (DEBUG  ): Authentication type (password) not permitted.
15.03.2018 20:47:28,418 paramiko.transport (DEBUG  ): Allowed methods: [u'publickey', u'gssapi-keyex', u'gssapi-with-mic', u'keyboard-interactive']
15.03.2018 20:47:28,423 paramiko.transport (DEBUG  ): userauth is OK
15.03.2018 20:47:28,460 paramiko.transport (INFO   ): Authentication (keyboard-interactive) successful!
15.03.2018 20:47:28,561 paramiko.transport (DEBUG  ): EOF in transport thread
15.03.2018 20:47:29,446 paramiko.transport (DEBUG  ): starting thread (client mode): 0x8876e990L
15.03.2018 20:47:29,446 paramiko.transport (DEBUG  ): Local version/idstring: SSH-2.0-paramiko_2.0.0
15.03.2018 20:47:29,446 paramiko.transport (DEBUG  ): Remote version/idstring: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3A~4.2.0.201702101826
15.03.2018 20:47:29,446 paramiko.transport (INFO   ): Connected (version 2.0, client OpenSSH_6.7p1)
15.03.2018 20:47:29,449 paramiko.transport (DEBUG  ): kex algos:[u'gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==', u'gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==', u'gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==', u'curve25519-sha256@libssh.org', u'ecdh-sha2-nistp256', u'ecdh-sha2-nistp384', u'ecdh-sha2-nistp521', u'diffie-hellman-group-exchange-sha256', u'diffie-hellman-group14-sha1'] server key:[u'ssh-rsa', u'ecdsa-sha2-nistp256'] client encrypt:[u'aes128-ctr', u'aes192-ctr', u'aes256-ctr', u'aes128-gcm@openssh.com', u'aes256-gcm@openssh.com', u'chacha20-poly1305@openssh.com'] server encrypt:[u'aes128-ctr', u'aes192-ctr', u'aes256-ctr', u'aes128-gcm@openssh.com', u'aes256-gcm@openssh.com', u'chacha20-poly1305@openssh.com'] client mac:[u'umac-64-etm@openssh.com', u'umac-128-etm@openssh.com', u'hmac-sha2-256-etm@openssh.com', u'hmac-sha2-512-etm@openssh.com', u'hmac-sha1-etm@openssh.com', u'umac-64@openssh.com', u'umac-128@openssh.com', u'hmac-sha2-256', u'hmac-sha2-512', u'hmac-sha1'] server mac:[u'umac-64-etm@openssh.com', u'umac-128-etm@openssh.com', u'hmac-sha2-256-etm@openssh.com', u'hmac-sha2-512-etm@openssh.com', u'hmac-sha1-etm@openssh.com', u'umac-64@openssh.com', u'umac-128@openssh.com', u'hmac-sha2-256', u'hmac-sha2-512', u'hmac-sha1'] client compress:[u'none', u'zlib@openssh.com'] server compress:[u'none', u'zlib@openssh.com'] client lang:[u''] server lang:[u''] kex follows?False
15.03.2018 20:47:29,449 paramiko.transport (DEBUG  ): Kex agreed: diffie-hellman-group14-sha1
15.03.2018 20:47:29,450 paramiko.transport (DEBUG  ): Cipher agreed: aes128-ctr
15.03.2018 20:47:29,450 paramiko.transport (DEBUG  ): MAC agreed: hmac-sha2-256
15.03.2018 20:47:29,450 paramiko.transport (DEBUG  ): Compression agreed: none
15.03.2018 20:47:29,502 paramiko.transport (DEBUG  ): kex engine KexGroup14 specified hash_algo <built-in function openssl_sha1>
15.03.2018 20:47:29,503 paramiko.transport (DEBUG  ): Switch to new keys ...
15.03.2018 20:47:29,547 paramiko.transport (DEBUG  ): userauth is OK
15.03.2018 20:47:32,494 paramiko.transport (DEBUG  ): Authentication type (password) not permitted.
15.03.2018 20:47:32,494 paramiko.transport (DEBUG  ): Allowed methods: [u'publickey', u'gssapi-keyex', u'gssapi-with-mic', u'keyboard-interactive']
15.03.2018 20:47:32,527 paramiko.transport (DEBUG  ): userauth is OK
15.03.2018 20:47:44,880 paramiko.transport (INFO   ): Authentication (keyboard-interactive) successful!
15.03.2018 20:47:44,982 paramiko.transport (DEBUG  ): EOF in transport thread
15.03.2018 20:47:45,22 paramiko.transport (DEBUG  ): starting thread (client mode): 0xc0d76ed0L
15.03.2018 20:47:45,22 paramiko.transport (DEBUG  ): Local version/idstring: SSH-2.0-paramiko_2.0.0
15.03.2018 20:47:45,30 paramiko.transport (DEBUG  ): Remote version/idstring: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3A~4.2.0.201702101826
15.03.2018 20:47:45,30 paramiko.transport (INFO   ): Connected (version 2.0, client OpenSSH_6.7p1)
15.03.2018 20:47:45,38 paramiko.transport (DEBUG  ): kex algos:[u'gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==', u'gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==', u'gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==', u'curve25519-sha256@libssh.org', u'ecdh-sha2-nistp256', u'ecdh-sha2-nistp384', u'ecdh-sha2-nistp521', u'diffie-hellman-group-exchange-sha256', u'diffie-hellman-group14-sha1'] server key:[u'ssh-rsa', u'ecdsa-sha2-nistp256'] client encrypt:[u'aes128-ctr', u'aes192-ctr', u'aes256-ctr', u'aes128-gcm@openssh.com', u'aes256-gcm@openssh.com', u'chacha20-poly1305@openssh.com'] server encrypt:[u'aes128-ctr', u'aes192-ctr', u'aes256-ctr', u'aes128-gcm@openssh.com', u'aes256-gcm@openssh.com', u'chacha20-poly1305@openssh.com'] client mac:[u'umac-64-etm@openssh.com', u'umac-128-etm@openssh.com', u'hmac-sha2-256-etm@openssh.com', u'hmac-sha2-512-etm@openssh.com', u'hmac-sha1-etm@openssh.com', u'umac-64@openssh.com', u'umac-128@openssh.com', u'hmac-sha2-256', u'hmac-sha2-512', u'hmac-sha1'] server mac:[u'umac-64-etm@openssh.com', u'umac-128-etm@openssh.com', u'hmac-sha2-256-etm@openssh.com', u'hmac-sha2-512-etm@openssh.com', u'hmac-sha1-etm@openssh.com', u'umac-64@openssh.com', u'umac-128@openssh.com', u'hmac-sha2-256', u'hmac-sha2-512', u'hmac-sha1'] client compress:[u'none', u'zlib@openssh.com'] server compress:[u'none', u'zlib@openssh.com'] client lang:[u''] server lang:[u''] kex follows?False
15.03.2018 20:47:45,38 paramiko.transport (DEBUG  ): Kex agreed: diffie-hellman-group14-sha1
15.03.2018 20:47:45,39 paramiko.transport (DEBUG  ): Cipher agreed: aes128-ctr
15.03.2018 20:47:45,39 paramiko.transport (DEBUG  ): MAC agreed: hmac-sha2-256
15.03.2018 20:47:45,39 paramiko.transport (DEBUG  ): Compression agreed: none
15.03.2018 20:47:45,160 paramiko.transport (DEBUG  ): kex engine KexGroup14 specified hash_algo <built-in function openssl_sha1>
15.03.2018 20:47:45,161 paramiko.transport (DEBUG  ): Switch to new keys ...
15.03.2018 20:47:45,206 paramiko.transport (DEBUG  ): userauth is OK
15.03.2018 20:47:45,207 paramiko.transport (DEBUG  ): Authentication type (password) not permitted.
15.03.2018 20:47:45,207 paramiko.transport (DEBUG  ): Allowed methods: [u'publickey', u'gssapi-keyex', u'gssapi-with-mic', u'keyboard-interactive']
15.03.2018 20:47:45,239 paramiko.transport (DEBUG  ): userauth is OK
15.03.2018 20:47:49,226 paramiko.transport (INFO   ): Authentication (keyboard-interactive) successful!
15.03.2018 20:47:49,326 paramiko.transport (DEBUG  ): EOF in transport thread
15.03.2018 20:54:39,213 MAIN        (------ ): DEBUG_INIT
15.03.2018 21:04:40,550 MAIN        (------ ): DEBUG_INIT
15.03.2018 21:14:42,785 MAIN        (------ ): DEBUG_INIT
15.03.2018 21:24:39,619 MAIN        (------ ): DEBUG_INIT
15.03.2018 21:34:40,306 MAIN        (------ ): DEBUG_INIT
15.03.2018 21:44:39,908 MAIN        (------ ): DEBUG_INIT
15.03.2018 21:54:40,497 MAIN        (------ ): DEBUG_INIT
15.03.2018 22:04:39,6 MAIN        (------ ): DEBUG_INIT
15.03.2018 22:14:39,889 MAIN        (------ ): DEBUG_INIT
15.03.2018 22:24:42,58 MAIN        (------ ): DEBUG_INIT
15.03.2018 22:34:39,519 MAIN        (------ ): DEBUG_INIT
15.03.2018 22:44:40,791 MAIN        (------ ): DEBUG_INIT
15.03.2018 22:54:40,717 MAIN        (------ ): DEBUG_INIT
15.03.2018 23:04:39,733 MAIN        (------ ): DEBUG_INIT
15.03.2018 23:14:43,574 MAIN        (------ ): DEBUG_INIT
15.03.2018 23:15:43,367 MAIN        (------ ): DEBUG_INIT
15.03.2018 23:16:36,776 MAIN        (------ ): DEBUG_INIT
15.03.2018 23:26:35,972 MAIN        (------ ): DEBUG_INIT
15.03.2018 23:36:36,519 MAIN        (------ ): DEBUG_INIT
15.03.2018 23:46:36,126 MAIN        (------ ): DEBUG_INIT
15.03.2018 23:56:37,150 MAIN        (------ ): DEBUG_INIT
16.03.2018 00:06:40,591 MAIN        (------ ): DEBUG_INIT
16.03.2018 00:16:40,832 MAIN        (------ ): DEBUG_INIT
16.03.2018 00:26:40,848 MAIN        (------ ): DEBUG_INIT
16.03.2018 00:36:41,797 MAIN        (------ ): DEBUG_INIT
16.03.2018 00:46:42,563 MAIN        (------ ): DEBUG_INIT
16.03.2018 00:56:42,174 MAIN        (------ ): DEBUG_INIT
16.03.2018 01:06:41,0 MAIN        (------ ): DEBUG_INIT
16.03.2018 01:16:42,366 MAIN        (------ ): DEBUG_INIT
16.03.2018 01:26:41,243 MAIN        (------ ): DEBUG_INIT
16.03.2018 01:36:40,667 MAIN        (------ ): DEBUG_INIT
16.03.2018 01:46:42,496 MAIN        (------ ): DEBUG_INIT
16.03.2018 01:56:46,770 MAIN        (------ ): DEBUG_INIT
16.03.2018 01:57:43,44 MAIN        (------ ): DEBUG_INIT
16.03.2018 02:07:44,12 MAIN        (------ ): DEBUG_INIT
16.03.2018 02:08:41,655 MAIN        (------ ): DEBUG_INIT
16.03.2018 02:18:40,136 MAIN        (------ ): DEBUG_INIT
16.03.2018 02:28:41,788 MAIN        (------ ): DEBUG_INIT
16.03.2018 02:38:40,745 MAIN        (------ ): DEBUG_INIT
16.03.2018 02:48:41,688 MAIN        (------ ): DEBUG_INIT
16.03.2018 02:58:40,974 MAIN        (------ ): DEBUG_INIT
16.03.2018 03:08:46,14 MAIN        (------ ): DEBUG_INIT
16.03.2018 03:09:40,792 MAIN        (------ ): DEBUG_INIT
16.03.2018 03:19:42,570 MAIN        (------ ): DEBUG_INIT
16.03.2018 03:29:43,600 MAIN        (------ ): DEBUG_INIT
16.03.2018 03:30:40,321 MAIN        (------ ): DEBUG_INIT
16.03.2018 03:40:40,217 MAIN        (------ ): DEBUG_INIT
16.03.2018 03:50:37,421 MAIN        (------ ): DEBUG_INIT
16.03.2018 04:00:41,770 MAIN        (------ ): DEBUG_INIT
16.03.2018 04:10:42,504 MAIN        (------ ): DEBUG_INIT
16.03.2018 04:11:44,989 MAIN        (------ ): DEBUG_INIT
16.03.2018 04:12:46,573 MAIN        (------ ): DEBUG_INIT
16.03.2018 04:13:41,863 MAIN        (------ ): DEBUG_INIT
16.03.2018 04:23:42,286 MAIN        (------ ): DEBUG_INIT
16.03.2018 04:33:41,594 MAIN        (------ ): DEBUG_INIT
16.03.2018 04:43:40,273 MAIN        (------ ): DEBUG_INIT
16.03.2018 04:53:39,668 MAIN        (------ ): DEBUG_INIT
16.03.2018 05:03:39,393 MAIN        (------ ): DEBUG_INIT
16.03.2018 05:13:41,749 MAIN        (------ ): DEBUG_INIT
16.03.2018 05:23:40,335 MAIN        (------ ): DEBUG_INIT
16.03.2018 05:33:45,377 MAIN        (------ ): DEBUG_INIT
16.03.2018 05:34:41,929 MAIN        (------ ): DEBUG_INIT
16.03.2018 05:44:42,281 MAIN        (------ ): DEBUG_INIT
16.03.2018 05:54:39,898 MAIN        (------ ): DEBUG_INIT
16.03.2018 06:04:40,908 MAIN        (------ ): DEBUG_INIT
16.03.2018 06:14:44,472 MAIN        (------ ): DEBUG_INIT
16.03.2018 06:15:46,37 MAIN        (------ ): DEBUG_INIT
16.03.2018 06:16:41,445 MAIN        (------ ): DEBUG_INIT
16.03.2018 06:26:46,183 MAIN        (------ ): DEBUG_INIT
16.03.2018 06:27:48,543 MAIN        (------ ): DEBUG_INIT
16.03.2018 06:28:42,65 MAIN        (------ ): DEBUG_INIT
16.03.2018 06:38:53,705 MAIN        (------ ): DEBUG_INIT
16.03.2018 06:39:47,673 MAIN        (------ ): DEBUG_INIT
16.03.2018 06:40:42,356 MAIN        (------ ): DEBUG_INIT
16.03.2018 06:41:44,656 MAIN        (------ ): DEBUG_INIT
16.03.2018 06:51:45,250 MAIN        (------ ): DEBUG_INIT
16.03.2018 07:01:46,55 MAIN        (------ ): DEBUG_INIT
16.03.2018 07:11:43,292 MAIN        (------ ): DEBUG_INIT
16.03.2018 07:21:45,388 MAIN        (------ ): DEBUG_INIT
16.03.2018 07:31:43,517 MAIN        (------ ): DEBUG_INIT
16.03.2018 07:41:45,732 MAIN        (------ ): DEBUG_INIT
16.03.2018 07:51:51,53 MAIN        (------ ): DEBUG_INIT
16.03.2018 07:52:40,915 MAIN        (------ ): DEBUG_INIT
16.03.2018 08:02:42,987 MAIN        (------ ): DEBUG_INIT
16.03.2018 08:12:46,256 MAIN        (------ ): DEBUG_INIT
16.03.2018 08:22:40,970 MAIN        (------ ): DEBUG_INIT
16.03.2018 08:32:41,674 MAIN        (------ ): DEBUG_INIT
16.03.2018 08:42:40,164 MAIN        (------ ): DEBUG_INIT
16.03.2018 08:52:44,752 MAIN        (------ ): DEBUG_INIT
16.03.2018 09:02:43,534 MAIN        (------ ): DEBUG_INIT
16.03.2018 09:12:42,356 MAIN        (------ ): DEBUG_INIT
16.03.2018 09:22:43,266 MAIN        (------ ): DEBUG_INIT
16.03.2018 09:32:43,75 MAIN        (------ ): DEBUG_INIT
16.03.2018 09:42:43,626 MAIN        (------ ): DEBUG_INIT
16.03.2018 09:52:42,854 MAIN        (------ ): DEBUG_INIT
16.03.2018 10:02:43,269 MAIN        (------ ): DEBUG_INIT
16.03.2018 10:12:44,841 MAIN        (------ ): DEBUG_INIT
16.03.2018 10:22:42,870 MAIN        (------ ): DEBUG_INIT
16.03.2018 10:29:15,207 MAIN        (------ ): DEBUG_INIT
16.03.2018 10:30:07,196 MAIN        (------ ): DEBUG_INIT
16.03.2018 10:32:47,776 MAIN        (------ ): DEBUG_INIT
16.03.2018 10:33:43,912 MAIN        (------ ): DEBUG_INIT
16.03.2018 10:34:16,798 MAIN        (------ ): DEBUG_INIT
16.03.2018 10:34:45,631 MAIN        (------ ): DEBUG_INIT
16.03.2018 10:35:51,17 MAIN        (------ ): DEBUG_INIT
16.03.2018 10:36:40,658 MAIN        (------ ): DEBUG_INIT
16.03.2018 10:37:46,350 MAIN        (------ ): DEBUG_INIT
16.03.2018 10:38:08,611 MAIN        (------ ): DEBUG_INIT
16.03.2018 10:38:42,821 MAIN        (------ ): DEBUG_INIT
16.03.2018 10:39:45,994 MAIN        (------ ): DEBUG_INIT

#17
root@ucsmaster:~# univention-ldapsearch -b uid=ucs-sso,cn=users,dc=sunhut,dc=local dn
# extended LDIF
#
# LDAPv3
# base <uid=ucs-sso,cn=users,dc=sunhut,dc=local> with scope subtree
# filter: (objectclass=*)
# requesting: dn
#

# ucs-sso, users, sunhut.local
dn: uid=ucs-sso,cn=users,dc=sunhut,dc=local

# search result
search: 3
result: 0 Success

# numResponses: 2
# numEntries: 1
root@ucsmaster:~# univention-s4search -b cn=ucs-sso,cn=users,dc=sunhut,dc=local
search error - LDAP error 32 LDAP_NO_SUCH_OBJECT -  <00002030: No such Base DN: cn=ucs-sso,cn=users,dc=sunhut,dc=local> <>

#19

@sgvfr Please open a separate thread for your issue. From what you’ve written the underlying reason seems to be different, and trying to solve two different problems in the same thread gets pretty confusing pretty quickly. Thanks.


#20

@bhagert Please post the content of the log file /var/log/univention/connector-s4.log (you did post log content, but that seems to be from another log file). Please also make sure that the S4 Connector is actually running; post the output of systemctl status univention-s4-connector.service

Kind regards,
mosu


#21
root@ucsmaster:~# systemctl status univention-s4-connector.service
● univention-s4-connector.service - LSB: Univention S4 Connector
   Loaded: loaded (/etc/init.d/univention-s4-connector; generated; vendor preset
   Active: active (running) since Sun 2018-03-18 06:32:03 CET; 2 days ago
     Docs: man:systemd-sysv-generator(8)
  Process: 27587 ExecStop=/etc/init.d/univention-s4-connector stop (code=exited,
  Process: 27600 ExecStart=/etc/init.d/univention-s4-connector start (code=exite
 Main PID: 27680 (python2.7)
    Tasks: 1 (limit: 4915)
   Memory: 94.9M
      CPU: 5min 52.190s
   CGroup: /system.slice/univention-s4-connector.service
           └─27680 /usr/bin/python2.7 -W ignore /usr/lib/pymodules/python2.7/uni

mar 18 06:31:58 ucsmaster systemd[1]: Stopped LSB: Univention S4 Connector.
mar 18 06:31:58 ucsmaster systemd[1]: Starting LSB: Univention S4 Connector...
mar 18 06:32:03 ucsmaster univention-s4-connector[27600]: Starting Univention S4
mar 18 06:32:03 ucsmaster systemd[1]: univention-s4-connector.service: PID file
mar 18 06:32:03 ucsmaster systemd[1]: univention-s4-connector.service: Supervisi
mar 18 06:32:03 ucsmaster systemd[1]: Started LSB: Univention S4 Connector.
lines 1--1...skipping...
● univention-s4-connector.service - LSB: Univention S4 Connector
   Loaded: loaded (/etc/init.d/univention-s4-connector; generated; vendor preset: enabled)
   Active: active (running) since Sun 2018-03-18 06:32:03 CET; 2 days ago
     Docs: man:systemd-sysv-generator(8)
  Process: 27587 ExecStop=/etc/init.d/univention-s4-connector stop (code=exited, status=0/SUCCESS)
  Process: 27600 ExecStart=/etc/init.d/univention-s4-connector start (code=exited, status=0/SUCCESS)
 Main PID: 27680 (python2.7)
    Tasks: 1 (limit: 4915)
   Memory: 94.9M
      CPU: 5min 52.190s
   CGroup: /system.slice/univention-s4-connector.service
           └─27680 /usr/bin/python2.7 -W ignore /usr/lib/pymodules/python2.7/univention/s4connector/s4/main.py

mar 18 06:31:58 ucsmaster systemd[1]: Stopped LSB: Univention S4 Connector.
mar 18 06:31:58 ucsmaster systemd[1]: Starting LSB: Univention S4 Connector...
mar 18 06:32:03 ucsmaster univention-s4-connector[27600]: Starting Univention S4 Connector: univention-s4-connector.
mar 18 06:32:03 ucsmaster systemd[1]: univention-s4-connector.service: PID file /var/run/univention-s4-connector not readable (yet?) after
mar 18 06:32:03 ucsmaster systemd[1]: univention-s4-connector.service: Supervising process 27680 which is not our child. We'll most likely
mar 18 06:32:03 ucsmaster systemd[1]: Started LSB: Univention S4 Connector.

#22

/var/log/univention/connector-s4.log:
https://pastebin.com/WkUmFbkC1

systemctl status univention-s4-connector.service
● univention-s4-connector.service - LSB: Univention S4 Connector
   Loaded: loaded (/etc/init.d/univention-s4-connector; generated; vendor preset: enabled)
   Active: active (running) since Tue 2018-03-20 11:56:01 CET; 4h 53min ago
     Docs: man:systemd-sysv-generator(8)
  Process: 24306 ExecStop=/etc/init.d/univention-s4-connector stop (code=exited, status=0/SUCCESS)
  Process: 24316 ExecStart=/etc/init.d/univention-s4-connector start (code=exited, status=0/SUCCESS)
 Main PID: 24489 (python2.7)
    Tasks: 1 (limit: 4915)
   Memory: 69.9M
      CPU: 2min 29.321s
   CGroup: /system.slice/univention-s4-connector.service
           └─24489 /usr/bin/python2.7 -W ignore /usr/lib/pymodules/python2.7/univention/s4connector/s4/main.py

mar 20 11:55:52 ucs-8023 systemd[1]: Starting LSB: Univention S4 Connector...
mar 20 11:56:01 ucs-8023 univention-s4-connector[24316]: Starting Univention S4 Connector: univention-s4-connector.
mar 20 11:56:01 ucs-8023 systemd[1]: univention-s4-connector.service: Supervising process 24489 which is not our child. We'll most likely not notice when it exits.
mar 20 11:56:01 ucs-8023 systemd[1]: Started LSB: Univention S4 Connector.


#23

@andreaussi I don’t understand why you’re posting stuff here as well. If you have a similar issue, please open a separate thread for it; don’t hijack this one. Conflating multiple issues in the same thread gets pretty confusing pretty quickly. Thanks.


#24

Ok @Moritz_Bunkus

I thought it was helpful to group similar issues together


#25

Well previous post actually held connector-s4.log, however since then the content has changed.
The log is to large to post but I believe I got the important stuff below.

20.03.2018 16:24:58,201 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211644.983017
20.03.2018 16:24:59,672 LDAP        (PROCESS): sync from ucs: [          user] [       add] cn=ucs-sso,cn=users,DC=sunhut,DC=local
20.03.2018 16:25:00,827 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:25:00,828 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:25:03,129 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211644.983017
20.03.2018 16:25:03,129 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=ucs-sso,CN=Users,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=ucs-sso,CN=Users,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:25:03,129 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211675.184647
20.03.2018 16:25:03,237 LDAP        (PROCESS): sync from ucs: [          user] [       add] cn=ldapper-s-ucsutil,cn=users,DC=sunhut,DC=local
20.03.2018 16:25:09,550 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:25:09,551 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:25:11,339 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211675.184647
20.03.2018 16:25:11,339 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=ldapper-s-ucsutil,CN=Users,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=ldapper-s-ucsutil,CN=Users,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:25:11,339 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211676.216838
20.03.2018 16:25:11,343 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=wordpress-authors,cn=groups,DC=sunhut,DC=local
20.03.2018 16:25:14,566 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:25:14,567 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:25:16,298 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211676.216838
20.03.2018 16:25:16,299 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordpress-authors,CN=Groups,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordpress-authors,CN=Groups,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:25:16,299 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211676.696255
20.03.2018 16:25:16,302 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=wordpress-editors,cn=groups,DC=sunhut,DC=local
20.03.2018 16:25:17,594 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:25:17,595 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:25:19,54 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211676.696255
20.03.2018 16:25:19,54 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordpress-editors,CN=Groups,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordpress-editors,CN=Groups,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:25:19,55 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211731.694827
20.03.2018 16:25:20,54 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=wordpress-subscribers,cn=groups,DC=sunhut,DC=local
20.03.2018 16:25:21,713 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:25:21,718 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:25:23,459 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211731.694827
20.03.2018 16:25:23,460 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordpress-subscribers,CN=Groups,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordpress-subscribers,CN=Groups,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:26:28,545 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211743.928006
20.03.2018 16:26:28,550 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=wordpress-contributors,cn=groups,DC=sunhut,DC=local
20.03.2018 16:26:33,161 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:26:33,166 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:26:35,332 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211743.928006
20.03.2018 16:26:35,332 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordpress-contributors,CN=Groups,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordpress-contributors,CN=Groups,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:26:35,332 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211807.687465
20.03.2018 16:26:35,472 LDAP        (PROCESS): sync from ucs: [windowscomputer] [       add] cn=ucstest,cn=memberserver,cn=computers,DC=sunhut,DC=local
20.03.2018 16:26:36,944 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:26:36,945 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:26:38,887 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211807.687465
20.03.2018 16:26:38,887 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=ucstest,CN=memberserver,CN=Computers,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=ucstest,CN=memberserver,CN=Computers,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:26:38,887 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211862.395348
20.03.2018 16:26:38,990 LDAP        (PROCESS): sync from ucs: [windowscomputer] [       add] cn=owncl-09688169,cn=memberserver,cn=computers,DC=sunhut,DC=local
20.03.2018 16:26:41,216 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:26:41,218 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:26:42,459 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211862.395348
20.03.2018 16:26:42,459 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=owncl-09688169,CN=memberserver,CN=Computers,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=owncl-09688169,CN=memberserver,CN=Computers,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:26:42,460 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211863.102711
20.03.2018 16:26:42,559 LDAP        (PROCESS): sync from ucs: [windowscomputer] [       add] cn=wordp-30672859,cn=memberserver,cn=computers,DC=sunhut,DC=local
20.03.2018 16:26:44,671 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:26:44,672 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:26:45,766 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211863.102711
20.03.2018 16:26:45,766 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordp-30672859,CN=memberserver,CN=Computers,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordp-30672859,CN=memberserver,CN=Computers,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:26:45,766 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521212114.917405
20.03.2018 16:26:45,829 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=wordpress-authors,cn=groups,DC=sunhut,DC=local
20.03.2018 16:26:49,686 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:26:49,691 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:26:51,438 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521212114.917405
20.03.2018 16:26:51,438 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordpress-authors,CN=Groups,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordpress-authors,CN=Groups,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:26:51,439 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521212114.917555
20.03.2018 16:26:51,531 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=wordpress-editors,cn=groups,DC=sunhut,DC=local
20.03.2018 16:26:52,428 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:26:52,429 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:26:53,758 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521212114.917555
20.03.2018 16:26:53,759 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordpress-editors,CN=Groups,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordpress-editors,CN=Groups,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:26:53,759 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521212114.922899
20.03.2018 16:26:53,799 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=wordpress-subscribers,cn=groups,DC=sunhut,DC=local
20.03.2018 16:26:56,534 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:26:56,543 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:26:57,391 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521212114.922899
20.03.2018 16:26:57,391 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordpress-subscribers,CN=Groups,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordpress-subscribers,CN=Groups,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:26:57,392 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521212114.923334
20.03.2018 16:26:57,443 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=wordpress-contributors,cn=groups,DC=sunhut,DC=local
20.03.2018 16:26:58,709 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:26:58,716 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:27:00,436 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521212114.923334
20.03.2018 16:27:00,437 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordpress-contributors,CN=Groups,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordpress-contributors,CN=Groups,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:27:00,437 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521213158.807890
20.03.2018 16:27:00,586 LDAP        (PROCESS): sync from ucs: [          user] [       add] cn=Radmin,cn=users,DC=sunhut,DC=local
20.03.2018 16:27:02,398 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:27:02,398 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:27:02,871 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521213158.807890
20.03.2018 16:27:02,871 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=Radmin,CN=Users,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=Radmin,CN=Users,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:27:02,871 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521213169.743682
20.03.2018 16:27:03,685 LDAP        (PROCESS): sync from ucs: [          user] [    modify] cn=Radmin,cn=users,DC=sunhut,DC=local
20.03.2018 16:27:06,324 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:27:06,325 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:27:07,151 LDAP        (WARNING): sync failed, saved as rejected

#26

Hey,

thanks, those log entries do help, or at least they shed some light on what’s happening. But the “why” still escapes me. It basically means that there are entries in the Samba4 LDAP that have the same ID as the ones that are about to be added. This isn’t good — no two objects can have the same ID. It hints at a problem with the RID counter.

Please post the output of the following commands:

univention-s4search --cross-ncs objectSid=$(univention-ldapsearch uid=ucs-sso sambasid | awk '/^sambaSID/ { print $2 }') dn objectSid
univention-ldapsearch sambaSID=$(univention-ldapsearch uid=mbunkus sambasid | awk '/^sambaSID/ { print $2 }') dn
univention-s4search --cross-ncs 'ridnextrid=*'
univention-s4search --cross-ncs 'objectsid=*' objectsid | grep $(net getdomainsid | sed -e 's/.* //')- | awk '/^objectSid:/ { gsub(".*-", "", $2); print $2 }' | sort -n | tail -n 10

Kind regards,
mosu