Very serious (RC blocking ?) GOsa-LDAP inconsistencies about netgroups

Hi volks,

(after 2 days of getting crazy) I've the following, PRETTY UGLY report.

1) Fresh re-installed tjener Jessie and immediate subnet switch to my
   (hope the following isn't subnet related, IMHO it shouldn't), done with ISO netinst
   image of the 18/6/2015 (the last available); on real HW.

2) First WS PXE install works. Registration via sitesummary2ldap works. Login
   with first user works on the WS. Great!

3) All other subsequent PXE installed and sitesummary2ldap registered WS DO NOT ALLOW LOGIN
   complaining that the WS is not in the workstation-hosts netgroup. But checking
   at WS with:
   "netgroup workstation-hosts"
   The WS are listed correctly. Note: DNS resolving direct/reverse is correct.

4) Triing to delete and reinsert the workstation-hosts groups via GOsa menu is buggy.
   It is impossible to remove the netgroup ownnership only. More, if the whole WS is removed
   and inserted back via sitesummary, the netgroup appears to be there (not deleted
   accordingly to the WS elimination). Ldapvi check shows that in the dn=workstation-hosts
   the eliminated WS is still there. With ldapvi I have to commit with Y (y not enough) to remove
   the netgroup.

5) Digging into ldapdump.ldif I only see that some WS entries have been inserted by cn=admin and other
   by cn=gosa-admin.

6) Removing all the workstation-hosts ownership, after removing the workstation itself in GOsa
   works finally. After this, rebooting the tjener and readding the WS with sitesummary leads
   to another (strange) fact. In GOsa the netgroup ownership are (correctly) absent, but
   checking from terminal on the rebooted client WS they have not been
   deleted (wrong cached ?).

I really do not understand how to go further in debugging, since I cannot locate the origin
of these facts.


Giorgio Pioda

