Bug 40162 – State clearly that UCS cannot be an AD DC in AD-Connection Member Mode

Bug 40162 - State clearly that UCS cannot be an AD DC in AD-Connection Member Mode


Summary:	State clearly that UCS cannot be an AD DC in AD-Connection Member Mode

Status:	CLOSED FIXED

Product:	UCS manual
Classification:	Unclassified
Component:	Services for Windows
Version:	unspecified
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 4.3
Assigned To:	Stefan Gohmann
QA Contact:	Arvid Requate

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2015-12-02 20:16 CET by Michael Grandjean
Modified:	2019-02-14 12:12 CET (History)
CC List:	1 user (show)

See Also:
What kind of report is it?:	---
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Michael Grandjean

2015-12-02 20:16:24 CET

We should state clearly in the manual that UCS can't be an Active Directory Domaincontroller itself when operating in AD member mode.

There is a good explanation in "9.3. Active Directory Connection" and the following sections on how the member mode works and if you pay close attention, you should come to the conclusion that UCS cannot be an Active Directory Domaincontroller itself, but we don't say it. This regularly confuses people (e.g. 2015112021000035).

Maybe this:

> In the configuration of a UCS server system as a member of an AD domain (AD
> member mode), the AD functions as the primary directory service and the
> respective UCS system joins the trust context of the AD domain.

Could become something like this:

> In the configuration of a UCS server system as a member of an AD domain (AD
> member mode), the AD functions as the primary directory service and the
> respective UCS system joins the trust context of the AD domain. Because of
> this, the UCS system will not be able to operate as an AD domain controller
> itself.

Comment 1 Stefan Gohmann

2018-12-11 07:54:47 CET

I've added such a clarification.

git.knut.univention.de:univention/ucs.git
   0ef94beb0f..05a84662a4  stefan/docu-cleanup -> stefan/docu-cleanup

Jenkins build:
http://jenkins.knut.univention.de:8080/view/Doku/job/BuildDocBookBranch/43/artifact/webroot/manual-4.3.html#ad-connector:ad-member-einrichtung
http://jenkins.knut.univention.de:8080/view/Doku/job/BuildDocBookBranch/43/artifact/webroot/handbuch-4.3.html#ad-connector:ad-member-einrichtung

Please reopen the bug after the QA, so that I can merge it.

Comment 2 Arvid Requate

2019-01-02 18:44:15 CET

Ok, please merge.

Comment 3 Stefan Gohmann

2019-01-15 07:27:44 CET

(In reply to Arvid Requate from comment #2)
> Ok, please merge.

Merged to UCS 4.3-3 and UCS 4.4-0.

Comment 4 Stefan Gohmann

2019-01-15 07:27:58 CET

(In reply to Stefan Gohmann from comment #3)
> (In reply to Arvid Requate from comment #2)
> > Ok, please merge.
> 
> Merged to UCS 4.3-3 and UCS 4.4-0.

Verified

Comment 5 Philipp Hahn

2019-02-14 12:12:57 CET

[master] dd16110 Bug #46874,Bug #32277,Bug #36733,Bug #39556,Bug #40162,Bug #41684,Bug #34726,Bug #41305,Bug #36869: PUBLISH