Univention Bugzilla – Bug 42687
Non-Edu school slave: dhcpd won't start
Last modified: 2017-10-16 21:33:58 CEST
UCS@school Multi-Server UCS@school 4.1 R2 v6 UCS 4.1-3 Errata 292 The DHCP server object for the administrative UCS@school server is not created underneath the school OU. Educational school slave: dn: cn=sedu011-01,cn=011,cn=dhcp,ou=011,dc=schulen,dc=example,dc=org Administrative school slave: dn: cn=sadm011-01,cn=schulen.example.org,cn=dhcp,dc=schulen,dc=example,dc=org dhcpd then refuses to start on the administraive school slave: > Oct 16 23:22:17 sadm011-01 dhcpd: Error: Cannot find LDAP entry matching (&(objectClass=dhcpServer)(cn=sadm011-01)) > Oct 16 23:22:17 sadm011-01 dhcpd: Configuration file errors encountered -- exiting How to reproduce: 1. Install UCS Master with Samba/AD → Add UCS@school Multi-Server-Env and DHCP Server via App Center 2. Create school with: > /usr/share/ucs-school-import/scripts/create_ou --displayName="Grundschule Nord" 011 sedu011-01 sadm011-01 3. Import networks: > cat networks.csv: > 011 10.200.23.0/24 10.200.23.200-10.200.23.249 10.200.23.1 10.200.23.250 10.200.23.250 > 011 10.200.34.0/24 10.200.34.200-10.200.34.249 10.200.34.1 10.200.34.250 10.200.34.250 > > /usr/share/ucs-school-import/scripts/import_networks networks.csv 4. Install UCS Slave "sedu011-01" and join → install UCS@school and configure with Samba/AD and as educational server → install DHCP Server via App Center 5. Install UCS Slave "sadm011-01" and join → install UCS@school and configure with Samba/AD and as administrative server → install DHCP Server via App Center Workaround: 1. Delete this DHCP Server: cn=sadm011-01,cn=schulen.example.org,cn=dhcp,dc=schulen,dc=example,dc=org 2. Create a new one: cn=sadm011-01,cn=011,cn=dhcp,ou=011,dc=schulen,dc=example,dc=org 3. Have a look at daemon.log: > Oct 16 23:28:17 sadm011-01 dhcpd: Error: Cannot find LDAP entry matching (&(objectClass=dhcpServer)(cn=sadm011-01)) > Oct 16 23:28:17 sadm011-01 dhcpd: Configuration file errors encountered -- exiting > Oct 16 23:29:17 sadm011-01 dhcpd: Wrote 0 leases to leases file. > Oct 16 23:29:17 sadm011-01 dhcpd: > Oct 16 23:29:17 sadm011-01 dhcpd: No subnet declaration for docker0 (172.17.42.1). > Oct 16 23:29:17 sadm011-01 dhcpd: ** Ignoring requests on docker0. If this is not what > Oct 16 23:29:17 sadm011-01 dhcpd: you want, please write a subnet declaration > Oct 16 23:29:17 sadm011-01 dhcpd: in your dhcpd.conf file for the network segment > Oct 16 23:29:17 sadm011-01 dhcpd: to which interface docker0 is attached. ** > Oct 16 23:29:17 sadm011-01 dhcpd: > Oct 16 23:29:23 sadm011-01 dhcpd: DHCPDISCOVER from 52:54:00:85:44:f7 via eth0 > Oct 16 23:29:23 sadm011-01 dhcpd: DHCPOFFER on 10.200.34.200 to 52:54:00:85:44:f7 via eth0 > Oct 16 23:29:23 sadm011-01 dhcpd: DHCPREQUEST for 10.200.34.200 (10.200.34.250) from 52:54:00:85:44:f7 via eth0 > Oct 16 23:29:23 sadm011-01 dhcpd: DHCPACK on 10.200.34.200 to 52:54:00:85:44:f7 via eth0 > Oct 16 23:29:26 sadm011-01 dhcpd: DHCPDISCOVER from 00:19:99:a2:66:26 via eth0: network 10.200.34.0/24: no free leases Workaround took place between 23:28:17 and 23:29:17. The docker0 thing is Bug 39872
Grr, I searched the whole time for a bug in the UCS@school lib / create_ou. But the DHCP object is created in the joinscript 25univention-dhcp.inst: 60 SERVICE="cn=$domainname,cn=dhcp,$ldap_base" 61 univention-directory-manager dhcp/server create "$@" --ignore_exists \ 62 » --superordinate "$SERVICE" \ 63 » --set server="$hostname" || die The joinscript is executed after all schools are already created and joined.
(In reply to Florian Best from comment #1) > Grr, I searched the whole time for a bug in the UCS@school lib / create_ou. > But the DHCP object is created in the joinscript 25univention-dhcp.inst: > > 60 SERVICE="cn=$domainname,cn=dhcp,$ldap_base" > 61 univention-directory-manager dhcp/server create "$@" --ignore_exists \ > 62 » --superordinate "$SERVICE" \ > 63 » --set server="$hostname" || die > > The joinscript is executed after all schools are already created and joined. Ah, these lines will not create a DHCP server if there is already a dhcp/server object somewhere else. So we have to create one in create_ou for administrative servers.
The cause was that for administrative DC Slaves not DHCP Server object was created or moved, so that the univention-dhcp joinscript created one in the wrong position. The object is not created or moved during the OU creation. QA: There are 8 possible combinations: [singleserver | multiserver] [yes | no] DHCP server objects exists underneath of the global DHCP container [create_ou | use schoolwizards / UMC schoolinstaller module] I didn't test the singleserver combination, but this should work. ucs-school-lib.yaml: a412ed5c2254 | Bug #42687: Merge branch 'fbest/42687-dhcp-server-administrative-slave-4.2' into 4.2 ea4f6468d920 | Changelog Bug #42687 ucs-school-lib (10.0.2-7): a412ed5c2254 | Bug #42687: Merge branch 'fbest/42687-dhcp-server-administrative-slave-4.2' into 4.2 ea4f6468d920 | Changelog Bug #42687 0495b36b3e79 | Bug #42687: Merge branch 'fbest/42687-dhcp-server-administrative-slave-4.2' into 4.2 652291648586 | Bug #42687: create dhcp server when DC Slave is created ucs-school-import (15.0.0-47): a412ed5c2254 | Bug #42687: Merge branch 'fbest/42687-dhcp-server-administrative-slave-4.2' into 4.2 ea4f6468d920 | Changelog Bug #42687 0495b36b3e79 | Bug #42687: Merge branch 'fbest/42687-dhcp-server-administrative-slave-4.2' into 4.2 652291648586 | Bug #42687: create dhcp server when DC Slave is created ucs-school-import.yaml: 0495b36b3e79 | Bug #42687: Merge branch 'fbest/42687-dhcp-server-administrative-slave-4.2' into 4.2 360a616cfb26 | YAML Bug #42687
OK: advisory OK: code OK: manual test in multi-server env, no dhcp server in domain container: root@m120:~# /usr/share/ucs-school-import/scripts/create_ou --displayName="Grundschule Nord" NewSchool newschool-edu-01 schooladm85 need to create container cn=server,cn=computers,ou=NewSchool,dc=uni,dc=dtr creating object cn=server,cn=computers,ou=NewSchool,dc=uni,dc=dtr [..] creating object cn=newschool,cn=dhcp,ou=NewSchool,dc=uni,dc=dtr need to create dhcp service: cn=newschool,cn=dhcp,ou=NewSchool,dc=uni,dc=dtr need to create dhcp server: creating object cn=newschool-edu-01,cn=newschool,cn=dhcp,ou=NewSchool,dc=uni,dc=dtr creating object cn=dhcp-dns-clear,cn=policies,ou=NewSchool,dc=uni,dc=dtr need to attach policy: cn=dhcp-dns-clear,cn=policies,ou=NewSchool,dc=uni,dc=dtr Object created: cn=ou-default-ucr-policy,cn=policies,ou=newschool,dc=uni,dc=dtr Object modified: cn=ou-default-ucr-policy,cn=policies,ou=NewSchool,dc=uni,dc=dtr Object modified: ou=newschool,dc=uni,dc=dtr 40dhcpsearchbase_create: added new UCR policy cn=ou-default-ucr-policy,cn=policies,ou=newschool,dc=uni,dc=dtr to OU ou=newschool,dc=uni,dc=dtr 45dhcpdns_create: modifying OU newschool ... Object created: cn=dhcp-dns-newschool,cn=policies,ou=NewSchool,dc=uni,dc=dtr Object modified: cn=dhcp,ou=NewSchool,dc=uni,dc=dtr 45dhcpdns_create: done Object created: cn=Marktplatz,cn=shares,ou=NewSchool,dc=uni,dc=dtr 52marktplatz_create: added new share Markplatz for server newschool-edu-01.uni.dtr Object created: cn=examusers,ou=newschool,dc=uni,dc=dtr Object created: cn=OUnewschool-Klassenarbeit,cn=ucsschool,cn=groups,dc=uni,dc=dtr 60schoolexam-master: Exam container 'cn=examusers,ou=newschool' and group 'OUnewschool-Klassenarbeit' created. creating object cn=schooladm85,cn=dc,cn=server,cn=computers,ou=NewSchool,dc=uni,dc=dtr need to create dhcp server: creating object cn=schooladm85,cn=newschool,cn=dhcp,ou=NewSchool,dc=uni,dc=dtr # install slave # install school root@schooladm85:~# udm dhcp/server list DN: cn=newschool-edu-01,cn=newschool,cn=dhcp,ou=NewSchool,dc=uni,dc=dtr server: newschool-edu-01 DN: cn=schooladm85,cn=newschool,cn=dhcp,ou=NewSchool,dc=uni,dc=dtr server: schooladm85 # install app dhcp-server RUNNING 25univention-dhcp.inst 2017-10-10 16:48:20.183088789+02:00 (in joinscript_init) Object created: cn=uni.dtr,cn=dhcp,dc=uni,dc=dtr Object exists: (dhcpserver) schooladm85 25univention-dhcp.inst: Number of existing DHCP (Shared) Sub-Networks: 0 25univention-dhcp.inst: Referencing DHCP policy boot 25univention-dhcp.inst: Referencing DHCP policy dns 25univention-dhcp.inst: Referencing DHCP policy routing 25univention-dhcp.inst: Configuring first router 10.200.3.1 Object modified: cn=default-settings,cn=routing,cn=dhcp,cn=policies,dc=uni,dc=dtr Object created: cn=10.200.3.0,cn=uni.dtr,cn=dhcp,dc=uni,dc=dtr Object exists: cn=services,cn=univention,dc=uni,dc=dtr Object created: cn=DHCP,cn=services,cn=univention,dc=uni,dc=dtr Object modified: cn=schooladm85,cn=dc,cn=server,cn=computers,ou=NewSchool,dc=uni,dc=dtr 2017-10-10 16:48:24.650022594+02:00 (in joinscript_save_current_version) EXITCODE=0 root@schooladm85:~# univention-ldapsearch -LLL "(&(objectClass=dhcpServer)(cn=$(hostname)))" dn: cn=schooladm85,cn=newschool,cn=dhcp,ou=NewSchool,dc=uni,dc=dtr cn: schooladm85 objectClass: top objectClass: univentionObject objectClass: dhcpServer univentionObjectType: dhcp/server dhcpServiceDN: cn=newschool,cn=dhcp,ou=NewSchool,dc=uni,dc=dtr # create a subnet in UMC root@schooladm85:~# udm dhcp/subnet list DN: cn=10.200.3.0,cn=newschool,cn=dhcp,ou=NewSchool,dc=uni,dc=dtr broadcastaddress: 10.200.3.255 range: 10.200.3.200 10.200.3.250 subnet: 10.200.3.0 subnetmask: 24 univentionPolicyReference: cn=default-settings,cn=routing,cn=dhcp,cn=policies,dc=uni,dc=dtr univentionPolicyReference: cn=dhcp-dns-newschool,cn=policies,ou=NewSchool,dc=uni,dc=dtr root@schooladm85:~# ps xa | grep dhcpd 6496 ? S 0:00 /usr/sbin/dhcpd -q -f No error in /var/log/syslog. ################# Running it again with an existing DHCP server in the domain wide container, had the same result. ################# Running it again with the UMC schoolinstaller instead of create_ou the result is the same.
UCS@school 4.2 v4 has been released. http://docs.software-univention.de/changelog-ucsschool-4.2v4-de.html If this error occurs again, please clone this bug.