Verwaiste zarafaSendAsPrivilege Einträge entfernen

passt · March 18, 2019, 11:00am

Zarafa 7.2.6.10

Zarafa server.log contains numerous error messages "Not all objects in relation found for object ". This seems to be caused by orphaned entries for deputies of Univention users or Zarafa NonActive accounts. In the UCS webadmin, at least for the affected accounts, there are numerous empty deputy entries that cannot be removed using the [ - ] button.

As far as I understand it, the entry zarafaSendAsPrivilege corresponds to the deputy entry in an LDAP object. You should be able to delete this with ldapmodify.

Is there a tutorial for ldapmofy matching the UCS?

Greetings,
Peter

Translated with www.DeepL.com/Translator

passt · March 18, 2019, 2:12pm

I was able to work it out myself and removed the orphaned entries SendAsPrivilege. For this I don’t use ldapmodify but udm.

If someone is interested, here the manual:

First I have a look at the configuration of the appropriate mailbox in the web interface. For a UCS user the proxy settings can be found in the Zarafa tab, for the Zarafa non-active accounts on the first page. These entries are compared to the display by ldapsearch in the Bash, where zarafaSendAsPrivilege corresponds to the Uid of the deputy entries.

# univention-ldapsearch -u uid=<username> |grep SendAsPrivilege
...
FarefaCe Privilege: 2023
tarefaCe sPrivilege: 2255
...

The substitutes and SendAsPrivilege entries are listed in exactly the same order, so you just have to count the gaps of the orphaned substitutes. An orphaned SendAsPrivilege entry has a Uid that does not correspond to a username.

There are two ways to delete the orphaned SendAsPrivilege entry depending on whether it is a Univention user account or a Zarafa non-active account:

# udm users/user modify --dn="uid=username,cn=users,dc=company,dc=internal" --remove SendAsPrivilege=2023 
or
# udm zarafa/non-active modify --dn="uid=username,cn=non-active,cn=zarafa,dc=company,dc=internal" --remove SendAsPrivilege=2023