Bug 48221 - AD-Connector wizard aborts on a DC Backup
AD-Connector wizard aborts on a DC Backup
Status: RESOLVED WONTFIX
Product: UCS
Classification: Unclassified
Component: AD Connector
UCS 4.3
Other Linux
: P5 normal (vote)
: ---
Assigned To: Samba maintainers
Samba maintainers
:
Depends on:
Blocks: 44024
  Show dependency treegraph
 
Reported: 2018-11-27 10:39 CET by Arvid Requate
Modified: 2021-05-14 16:34 CEST (History)
1 user (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments
Screenshot_20181127_102906.png (167.57 KB, image/png)
2018-11-27 10:39 CET, Arvid Requate
Details
Screenshot_20181127_104615.png (174.90 KB, image/png)
2018-11-27 11:26 CET, Arvid Requate
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2018-11-27 10:39:09 CET
Created attachment 9754 [details]
Screenshot_20181127_102906.png

To reproduce & fix Bug 44024 I installed the AD-Connector on a DC Backup (via Appcenter). Configuration via Wizard is stopped by an error popup, see attached screen shot.

/var/log/univention/management-console-module-adconnector.log says:
=======================================================================
26.11.18 21:15:29.282  MODULE      ( PROCESS ) : User is default AD Administrator
26.11.18 21:15:29.282  MODULE      ( PROCESS ) : Check if server supports SSL
26.11.18 21:15:30.439  MODULE      ( PROCESS ) : SSL True
26.11.18 21:15:37.893  MODULE      ( ERROR   ) : Creation of certificate failed (/etc/univention/ssl/arw2k8server1.w2k8r2d2ar.net)
26.11.18 21:16:33.060  MODULE      ( PROCESS ) : Lookup ADDS DC
26.11.18 21:16:33.071  MODULE      ( PROCESS ) : running ['dig', '@10.200.8.126']
=======================================================================

I guess the reason is this:

root@backup11:~# /usr/sbin/univention-certificate new -name foo.ar41i1.qa
: Works only on the DC master
Comment 1 Arvid Requate univentionstaff 2018-11-27 11:26:04 CET
Created attachment 9756 [details]
Screenshot_20181127_104615.png

When trying to upload the certificate again (click back button), the attached error is displayed, see attached screenshot. The management-console-module-adconnector.log says:

27.11.18 10:16:05.521  MODULE      ( PROCESS ) : User is default AD Administrator
27.11.18 10:16:05.522  MODULE      ( PROCESS ) : Check if server supports SSL
27.11.18 10:16:06.924  MODULE      ( PROCESS ) : SSL True
27.11.18 10:16:15.805  MODULE      ( WARN    ) : connector is not configured yet, cannot test connection
27.11.18 10:16:23.278  MODULE      ( ERROR   ) : Creation of certificate failed (/etc/univention/ssl/arw2k8server1.w2k8r2d2ar.net)
27.11.18 10:16:39.503  MODULE      ( PROCESS ) : Check if server supports SSL
27.11.18 10:16:40.146  MODULE      ( PROCESS ) : SSL False

No clue how the "SSL False" comes up. When I run the library routine manually it works:

>>> import univention.lib.admember; print univention.lib.admember._server_supports_ssl("10.200.8.126")
True
Comment 2 Ingo Steuwer univentionstaff 2021-05-14 15:13:12 CEST
This issue has been filed against UCS 4.3.

UCS 4.3 is out of maintenance and many UCS components have changed in later releases. Thus, this issue is now being closed.

If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen it and update the UCS version. In this case please provide detailed information on how this issue is affecting you.