Update to 4.3 breaks on 98univention-samba4-saml-kerberos.inst

@andreaussi I don’t understand why you’re posting stuff here as well. If you have a similar issue, please open a separate thread for it; don’t hijack this one. Conflating multiple issues in the same thread gets pretty confusing pretty quickly. Thanks.

Ok @Moritz_Bunkus

I thought it was helpful to group similar issues together

Well previous post actually held connector-s4.log, however since then the content has changed.
The log is to large to post but I believe I got the important stuff below.

20.03.2018 16:24:58,201 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211644.983017
20.03.2018 16:24:59,672 LDAP        (PROCESS): sync from ucs: [          user] [       add] cn=ucs-sso,cn=users,DC=sunhut,DC=local
20.03.2018 16:25:00,827 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:25:00,828 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:25:03,129 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211644.983017
20.03.2018 16:25:03,129 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=ucs-sso,CN=Users,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=ucs-sso,CN=Users,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:25:03,129 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211675.184647
20.03.2018 16:25:03,237 LDAP        (PROCESS): sync from ucs: [          user] [       add] cn=ldapper-s-ucsutil,cn=users,DC=sunhut,DC=local
20.03.2018 16:25:09,550 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:25:09,551 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:25:11,339 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211675.184647
20.03.2018 16:25:11,339 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=ldapper-s-ucsutil,CN=Users,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=ldapper-s-ucsutil,CN=Users,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:25:11,339 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211676.216838
20.03.2018 16:25:11,343 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=wordpress-authors,cn=groups,DC=sunhut,DC=local
20.03.2018 16:25:14,566 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:25:14,567 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:25:16,298 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211676.216838
20.03.2018 16:25:16,299 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordpress-authors,CN=Groups,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordpress-authors,CN=Groups,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:25:16,299 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211676.696255
20.03.2018 16:25:16,302 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=wordpress-editors,cn=groups,DC=sunhut,DC=local
20.03.2018 16:25:17,594 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:25:17,595 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:25:19,54 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211676.696255
20.03.2018 16:25:19,54 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordpress-editors,CN=Groups,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordpress-editors,CN=Groups,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:25:19,55 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211731.694827
20.03.2018 16:25:20,54 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=wordpress-subscribers,cn=groups,DC=sunhut,DC=local
20.03.2018 16:25:21,713 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:25:21,718 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:25:23,459 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211731.694827
20.03.2018 16:25:23,460 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordpress-subscribers,CN=Groups,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordpress-subscribers,CN=Groups,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:26:28,545 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211743.928006
20.03.2018 16:26:28,550 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=wordpress-contributors,cn=groups,DC=sunhut,DC=local
20.03.2018 16:26:33,161 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:26:33,166 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:26:35,332 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211743.928006
20.03.2018 16:26:35,332 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordpress-contributors,CN=Groups,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordpress-contributors,CN=Groups,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:26:35,332 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211807.687465
20.03.2018 16:26:35,472 LDAP        (PROCESS): sync from ucs: [windowscomputer] [       add] cn=ucstest,cn=memberserver,cn=computers,DC=sunhut,DC=local
20.03.2018 16:26:36,944 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:26:36,945 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:26:38,887 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211807.687465
20.03.2018 16:26:38,887 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=ucstest,CN=memberserver,CN=Computers,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=ucstest,CN=memberserver,CN=Computers,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:26:38,887 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211862.395348
20.03.2018 16:26:38,990 LDAP        (PROCESS): sync from ucs: [windowscomputer] [       add] cn=owncl-09688169,cn=memberserver,cn=computers,DC=sunhut,DC=local
20.03.2018 16:26:41,216 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:26:41,218 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:26:42,459 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211862.395348
20.03.2018 16:26:42,459 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=owncl-09688169,CN=memberserver,CN=Computers,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=owncl-09688169,CN=memberserver,CN=Computers,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:26:42,460 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521211863.102711
20.03.2018 16:26:42,559 LDAP        (PROCESS): sync from ucs: [windowscomputer] [       add] cn=wordp-30672859,cn=memberserver,cn=computers,DC=sunhut,DC=local
20.03.2018 16:26:44,671 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:26:44,672 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:26:45,766 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521211863.102711
20.03.2018 16:26:45,766 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordp-30672859,CN=memberserver,CN=Computers,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordp-30672859,CN=memberserver,CN=Computers,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:26:45,766 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521212114.917405
20.03.2018 16:26:45,829 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=wordpress-authors,cn=groups,DC=sunhut,DC=local
20.03.2018 16:26:49,686 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:26:49,691 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:26:51,438 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521212114.917405
20.03.2018 16:26:51,438 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordpress-authors,CN=Groups,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordpress-authors,CN=Groups,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:26:51,439 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521212114.917555
20.03.2018 16:26:51,531 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=wordpress-editors,cn=groups,DC=sunhut,DC=local
20.03.2018 16:26:52,428 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:26:52,429 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:26:53,758 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521212114.917555
20.03.2018 16:26:53,759 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordpress-editors,CN=Groups,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordpress-editors,CN=Groups,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:26:53,759 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521212114.922899
20.03.2018 16:26:53,799 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=wordpress-subscribers,cn=groups,DC=sunhut,DC=local
20.03.2018 16:26:56,534 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:26:56,543 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:26:57,391 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521212114.922899
20.03.2018 16:26:57,391 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordpress-subscribers,CN=Groups,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordpress-subscribers,CN=Groups,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:26:57,392 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521212114.923334
20.03.2018 16:26:57,443 LDAP        (PROCESS): sync from ucs: [         group] [       add] cn=wordpress-contributors,cn=groups,DC=sunhut,DC=local
20.03.2018 16:26:58,709 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:26:58,716 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:27:00,436 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521212114.923334
20.03.2018 16:27:00,437 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=wordpress-contributors,CN=Groups,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=wordpress-contributors,CN=Groups,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:27:00,437 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521213158.807890
20.03.2018 16:27:00,586 LDAP        (PROCESS): sync from ucs: [          user] [       add] cn=Radmin,cn=users,DC=sunhut,DC=local
20.03.2018 16:27:02,398 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:27:02,398 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:27:02,871 LDAP        (WARNING): sync failed, saved as rejected
        /var/lib/univention-connector/s4/1521213158.807890
20.03.2018 16:27:02,871 LDAP        (WARNING): Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/__init__.py", line 897, in __sync_file_from_ucs
    if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, 'utf8'), old, new)) or (not old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, old_dn, old, new))):
  File "/usr/lib/pymodules/python2.7/univention/s4connector/s4/__init__.py", line 2525, in sync_from_ucs
    self.lo_s4.lo.add_ext_s(compatible_modstring(object['dn']), compatible_addlist(addlist), serverctrls=ctrls)  # FIXME encoding
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_ext_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 514, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 521, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ALREADY_EXISTS: {'info': '00002071: ../ldb_tdb/ldb_index.c:1339: Failed to re-index objectSid in CN=Radmin,CN=Users,DC=sunhut,DC=local - ../ldb_tdb/ldb_index.c:1259: unique index violation on objectSid in CN=Radmin,CN=Users,DC=sunhut,DC=local', 'desc': 'Already exists'}

20.03.2018 16:27:02,871 LDAP        (PROCESS): sync from ucs:   Resync rejected file: /var/lib/univention-connector/s4/1521213169.743682
20.03.2018 16:27:03,685 LDAP        (PROCESS): sync from ucs: [          user] [    modify] cn=Radmin,cn=users,DC=sunhut,DC=local
20.03.2018 16:27:06,324 LDAP        (PROCESS): sync_from_ucs: error during add, searching for conflicting deleted object in S4
20.03.2018 16:27:06,325 LDAP        (PROCESS): sync_from_ucs: no conflicting deleted object found
20.03.2018 16:27:07,151 LDAP        (WARNING): sync failed, saved as rejected

Hey,

thanks, those log entries do help, or at least they shed some light on what’s happening. But the “why” still escapes me. It basically means that there are entries in the Samba4 LDAP that have the same ID as the ones that are about to be added. This isn’t good — no two objects can have the same ID. It hints at a problem with the RID counter.

Please post the output of the following commands:

univention-s4search --cross-ncs objectSid=$(univention-ldapsearch uid=ucs-sso sambasid | awk '/^sambaSID/ { print $2 }') dn objectSid
univention-ldapsearch sambaSID=$(univention-ldapsearch uid=mbunkus sambasid | awk '/^sambaSID/ { print $2 }') dn
univention-s4search --cross-ncs 'ridnextrid=*'
univention-s4search --cross-ncs 'objectsid=*' objectsid | grep $(net getdomainsid | sed -e 's/.* //')- | awk '/^objectSid:/ { gsub(".*-", "", $2); print $2 }' | sort -n | tail -n 10

Kind regards,
mosu

root@ucsmaster:~# univention-s4search --cross-ncs objectSid=$(univention-ldapsearch uid=ucs-sso sambasid | awk '/^sambaSID/ { print $2 }') dn objectSid
# returned 0 records
# 0 entries
# 0 referrals

root@ucsmaster:~# univention-ldapsearch sambaSID=$(univention-ldapsearch uid=mbunkus sambasid | awk '/^sambaSID/ { print $2 }') dn
# extended LDIF
#
# LDAPv3
# base <dc=sunhut,dc=local> (default) with scope subtree
# filter: sambaSID=
# requesting: dn
#

# search result
search: 3
result: 0 Success

# numResponses: 1

root@ucsmaster:~# univention-s4search --cross-ncs 'ridnextrid=*'
# record 1
dn: CN=RID Set,CN=UCSMASTER,OU=Domain Controllers,DC=sunhut,DC=local
objectClass: top
objectClass: rIDSet
cn: RID Set
instanceType: 4
whenCreated: 20171023105218.0Z
whenChanged: 20171023105218.0Z
uSNCreated: 3586
uSNChanged: 3586
showInAdvancedViewOnly: TRUE
name: RID Set
objectGUID: 39c16890-54fd-4a17-9a29-c93ccf0eed8d
rIDAllocationPool: 1100-1599
rIDPreviousAllocationPool: 1100-1599
rIDUsedPool: 0
objectCategory: CN=RID-Set,CN=Schema,CN=Configuration,DC=sunhut,DC=local
rIDNextRID: 1126
distinguishedName: CN=RID Set,CN=UCSMASTER,OU=Domain Controllers,DC=sunhut,DC=
 local

# record 2
dn: CN=RID Set,CN=UCSKVM3,OU=Domain Controllers,DC=sunhut,DC=local
objectClass: top
objectClass: rIDSet
cn: RID Set
instanceType: 4
whenCreated: 20171228192100.0Z
whenChanged: 20171228192100.0Z
uSNCreated: 7344
uSNChanged: 7344
showInAdvancedViewOnly: TRUE
name: RID Set
objectGUID: d8285dad-0f1e-42d0-8733-0f4ed9ef0bdf
rIDAllocationPool: 402600-403099
rIDPreviousAllocationPool: 0-0
rIDUsedPool: 0
rIDNextRID: 0
objectCategory: CN=RID-Set,CN=Schema,CN=Configuration,DC=sunhut,DC=local
distinguishedName: CN=RID Set,CN=UCSKVM3,OU=Domain Controllers,DC=sunhut,DC=lo
 cal

# record 3
dn: CN=RID Set,CN=UCSKVM2,OU=Domain Controllers,DC=sunhut,DC=local
objectClass: top
objectClass: rIDSet
cn: RID Set
instanceType: 4
whenCreated: 20171126214147.0Z
whenChanged: 20171126214147.0Z
uSNCreated: 7088
uSNChanged: 7088
showInAdvancedViewOnly: TRUE
name: RID Set
objectGUID: 1be6d577-a6dc-4a92-a2ce-e72bdfe3a07b
rIDAllocationPool: 401600-402099
rIDPreviousAllocationPool: 0-0
rIDUsedPool: 0
rIDNextRID: 0
objectCategory: CN=RID-Set,CN=Schema,CN=Configuration,DC=sunhut,DC=local
distinguishedName: CN=RID Set,CN=UCSKVM2,OU=Domain Controllers,DC=sunhut,DC=lo
 cal

# returned 3 records
# 3 entries
# 0 referrals

root@ucsmaster:~# univention-s4search --cross-ncs 'objectsid=*' objectsid | grep $(net getdomainsid | sed -e 's/.* //')- | awk '/^objectSid:/ { gsub(".*-", "", $2); print $2 }' | sort -n | tail -n 10
1123
1124
1125
1601
2104
401601
401603
401604
402601
402604

UCSKVM1 has no RID record, it should have one

Hey,

my second command was wrong, sorry about that (wrong user name due to testing…). Please run this:

Kind regards,
mosu

root@ucsmaster:~# univention-ldapsearch sambaSID=$(univention-ldapsearch uid=ucs-sso  sambasid | awk '/^sambaSID/ { print $2 }') dn
# extended LDIF
#
# LDAPv3
# base <dc=sunhut,dc=local> (default) with scope subtree
# filter: sambaSID=S-1-4-2047
# requesting: dn
#

# ucs-sso, users, sunhut.local
dn: uid=ucs-sso,cn=users,dc=sunhut,dc=local

# search result
search: 3
result: 0 Success

# numResponses: 2
# numEntries: 1
Mastodon