Univention Bugzilla – Bug 37263
Verification of the DNS server should return the actual error
Last modified: 2021-05-03 21:26:48 CEST
2014120921000262 Nameserver validation says "The specified nameserver %s is not part of a valid UCS domain." looking at the log file (and code) reveals more precise messages that should be shown to the user: In "def get_fqdn()" * 'Lookup for nameserver %s failed: %s' * 'Lookup for nameserver %s timed out: %s'
In addition more messages should be added (at least to the logfile) when reverse lookup, computing of the domain name etc. goes wrong. In this case, the PTR record for the DNS server was broken, only pointing to a hostname instead of an FQDN: dn: relativeDomainName=240,zoneName=1.168.192.in-addr.arpa,cn=dns,dc=x,dc=y objectClass: top objectClass: dNSZone relativeDomainName: 240 zoneName: 1.168.192.in-addr.arpa pTRRecord: univention.
*** Bug 37273 has been marked as a duplicate of this bug. ***
(In reply to Alexander Kläser from comment #2) > *** Bug 37273 has been marked as a duplicate of this bug. *** No duplicate, I was a bit too fast
A customer experienced this again because of a missing PTR record. More precise error messages would have helped a lot.
There is a Customer ID set so I set the flag "Enterprise Customer affected".
We now call univention-join -checkPrerequisites in the UCS system setup, which checks for several issues, such as DC master dns records in the nameserver, return the nslookup output, etc. Implemented in bug 42022 -> Worksforme
Created attachment 9763 [details] Screenshot_20181128_153750.png I've taken a UCS 4.3-2 template via ucs-kt-get and specified the IP of another UCS 4.3-2 DC Master, where I manually removed his ptr record to simulate the error condition. The attached screenshot shows that the additional checks of Bug #42022 did not improve the error message in this situation. The error message is shown in management-console-module-setup.log: 28.11.18 15:37:17.469 MODULE ( WARN ) : Lookup for nameserver 10.200.8.10 failed: NXDOMAIN The DNS query name does not exist: 10.8.200.10.in-addr.arpa. But if the customer installed from ISO he a) does not know that he should look into this log file b) only sees a warning but not an ERROR and c) he cannot connect to the system via SSH yet, because the software has not been installed yet. I would expect to 1) see an ERROR logged at some point here and 2) a more detailed error message in the system setup error popup.