Univention Bugzilla – Bug 34650
AD Takeover App: traceback
Last modified: 2016-10-10 21:01:09 CEST
Stall at 98%, then: Ein Fehler ist aufgetreten: Die Ausführung des Kommandos copy_domain_data ist fehlgeschlagen: Traceback (most recent call last): File "/usr/lib/pymodules/python2.6/univention/management/console/modules/adtakeover/__init__.py", line 60, in _background result = func(self, request) File "/usr/lib/pymodules/python2.6/univention/management/console/modules/adtakeover/__init__.py", line 107, in copy_domain_data takeover.join_to_domain_and_copy_domain_data(ip, username, password, self.progress) File "/usr/lib/pymodules/python2.6/univention/management/console/modules/adtakeover/takeover.py", line 289, in join_to_domain_and_copy_domain_data takeover.start_s4_connector(progress) File "/usr/lib/pymodules/python2.6/univention/management/console/modules/adtakeover/takeover.py", line 1275, in start_s4_connector wait_for_s4_connector_replication(self.ucr, self.lp, progress) File "/usr/lib/pymodules/python2.6/univention/management/console/modules/adtakeover/takeover.py", line 1986, in wait_for_s4_connector_replication msgs = samdb.search(base="", scope=samba.ldb.SCOPE_BASE, attrs=["highestCommittedUSN"]) LdbError: (34, 'NULL Base DN invalid for a base search')
2nd try directly from the command-line: The S4 connector no longer starts and immediately exists with 0. The ad-takeover script is stuck waiting for it: > Starting S4 Connector > Waiting for S4 Connector sync > Progress details are logged to /var/log/univention/connector-s4-status.log .......................................................................... # tail connector-s4-status.log opening /var/log/univention/connector-s4.log failed Warning: Can't initialize LDAP-Connections, wait... # tail connector-s4.log 25.04.2014 19:17:09,672 MAIN (------ ): DEBUG_INIT 25.04.2014 19:17:09,693 LDAP (INFO ): init finished 25.04.2014 19:17:09,693 LDAP (INFO ): __init__: The LDAP connection to S4 does not use SSL (switched off by UCR "connector/s4/ldap/ssl"). 25.04.2014 19:17:09,702 LDAP (INFO ): close debug # ucr get connector/s4/ldap/ssl no The AD-takeover was started after using the UCS DC master for one day already, so the UCS already contains some data. The takeover script should at least better check for error conditions.
This was probably caused by using a non-standard sequence: The UCS DC Master was setup first and already used for one day. For demonstration purpose the MS Windows 2008 Server was setup later: the same DNS domain name was used, but Windows detected a conflict in the WINS name and proposed a different name (SCHULUNG6 → SCHULUNG60). This difference then causes Samba4 to no longer start: [2014/04/25 14:10:45.383931, 0, pid=1876] ../source4/librpc/rpc/dcerpc_sock.c:425(continue_ip_open_socket) Failed to connect host 172.16.1.61 (247fed98-8188-44c7-ae58-ad54ea70a717._msdcs.schulung6.ucs) on port 135 - NT_STATUS_HOST_UNREACHABLE. Maybe the AD takeover should check for that condition and abort with some useful error message instead of silently getting stuck?
*** This bug has been marked as a duplicate of bug 38983 ***
*** This bug has been marked as a duplicate of bug 39070 ***