Univention Bugzilla – Bug 38357
UCS memberservers currently cannot find a server for password authentication/change
Last modified: 2019-01-03 07:18:31 CET
On a memberserver without Samba3 / Samba4 kerberos/kdc remains unset. Because of that pam_krb5.so falls back to using DNS. In a firewalled environment contacting those servers fails. Therefore logging in as a user fails. Similar to Bug #30839 (S4) and Bug #30843 (S3). management/univention-join/univention-join only sets "kerberos/adminserver", but not "kerberos/kdc"
There is a Customer ID set so I set the flag "Enterprise Customer affected".
This issue has been filled against UCS 4.0. The maintenance with bug and security fixes for UCS 4.0 has ended on 31st of May 2016. Customers still on UCS 4.0 are encouraged to update to UCS 4.3. Please contact your partner or Univention for any questions. If this issue still occurs in newer UCS versions, please use "Clone this bug" or simply reopen the issue. In this case please provide detailed information on how this issue is affecting you.