Univention Bugzilla – Bug 38235
Installation of AD-Takeover App breaks current AD member mode connection
Last modified: 2018-11-30 19:22:25 CET
Ticket: 2015041021000201 Customer installed AD-Takeover App on a "AD Member Mode" system because he wanted to do the takeover later that day but installing the app broke his current "Member Mode" connection and Samba setup. We should probably make it more clear that the App should only be installed when it is intended to do the takeover "right now".
Somebody inhouse just ran into this and it's hard to figure out what the situation is.. This is how he ran into it: * ucs-kt-get the ucs 4.0-3 appliance * configure the AD-Server as DNS-Server in the setup wizard * choose to join an existing AD Domain in the setup wizard * select "AD Takeover" in the Software selection dialog of the setup wizard After that he didn't bother to check if AD Member mode was working properly because he wanted to dive straight into AD Takeover. So he did. Everything looked jolly good until the UMC Module AD Takeover asked him to do the sysvol robocopy. At that point, he could not access the sysvol share on the UCS System from AD. As it turned out, samba was not running *at all* on the UCS server. This is why: root@ucs-5400:~# ucr search --brief ad/member samba/autostart samba4/autostart connector/ad/autostart connector/s4/autostart ad/member: true connector/ad/autostart: yes connector/s4/autostart: yes samba/autostart: no samba4/autostart: false We should definitely do something about this to avoid this intransparent failure. I think we need to hide the "AD Takeover" from the Software selection when Joining an AD Domain was selected.
Created attachment 7209 [details] systemlogs.tar.bz2 System Logs from the setup. Installation was at about 14.10.15 17:55 at which time the DNS configuration was done and work was suspended until the next day. samba4/autostart became set to false at 15.10.15 09:28 (setup.log).
Maybe Bug #37146 additionally affected this case, as the VM was an ucs-kt-get appliance with repository/online/server: univention-repository.knut.univention.de which might not have been resolvable by the AD DNS Server. But I'm unsure about this, maybe univention-samba is already present in the appliance package cache.
Confirmed: Comment 3 applies in that case. So, The situation described in Comment 1 is invalid at this bug. None the less we should check it AD Takeover should be hidden from the software selection.
Added a note in the takeover documentation. d3939c64286e7606d4f118e5d74ca49417a57cdd
Looks good.
[master] 7fe677a Bug #47080 Bug #47081 Bug #47405 Bug #48006 Bug #38235 Bug #40844 Bug #47923 Bug #47713 Bug #47979 Bug #47980 Bug #47981 Bug #47983 Bug #47984 Bug #48136 app-provider-4.3.html | 430 +++++++++++++++++++++++++--------- app-provider-4.3.pdf | Bin 4367404 -> 4404363 bytes handbuch-4.3.html | 276 +++++++++++++--------- handbuch-4.3.pdf | Bin 8874710 -> 8898258 bytes illustrations43/google_wizard1_en.png | Bin 0 -> 70263 bytes manual-4.3.html | 346 ++++++++++++++++++--------- manual-4.3.pdf | Bin 8568720 -> 8668310 bytes 7 files changed, 721 insertions(+), 331 deletions(-) <http://jenkins.knut.univention.de:8080/view/Publish/job/Publish_docs.univention.de/128/>