Bug 45463 – Non-Edu school slave: dhcpd won't start

Bug 45463 - Non-Edu school slave: dhcpd won't start


Summary:	Non-Edu school slave: dhcpd won't start

Status:	CLOSED FIXED

Product:	UCS@school
Classification:	Unclassified
Component:	General
Version:	UCS@school 4.1 R2
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS@school 4.1 R2 v14
Assigned To:	Florian Best
QA Contact:	Daniel Tröder

URL:
Keywords:

Depends on:	42687
Blocks:
	Show dependency tree / graph

Reported:	2017-09-27 16:30 CEST by Florian Best
Modified:	2017-10-16 21:33 CEST (History)
CC List:	5 users (show)

See Also:
What kind of report is it?:	Bug Report
What type of bug is this?:	5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?:	2: Will only affect a few installed domains
How will those affected feel about the bug?:	3: A User would likely not purchase the product
User Pain:	0.171
Enterprise Customer affected?:
School Customer affected?:	Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Florian Best

2017-09-27 16:30:24 CEST

Backport to UCS@school 4.1R2.

+++ This bug was initially created as a clone of Bug #42687 +++

UCS@school Multi-Server
UCS@school 4.1 R2 v6
UCS 4.1-3 Errata 292

The DHCP server object for the administrative UCS@school server is not created underneath the school OU.

Educational school slave:
dn: cn=sedu011-01,cn=011,cn=dhcp,ou=011,dc=schulen,dc=example,dc=org

Administrative school slave:
dn: cn=sadm011-01,cn=schulen.example.org,cn=dhcp,dc=schulen,dc=example,dc=org

dhcpd then refuses to start on the administraive school slave:
> Oct 16 23:22:17 sadm011-01 dhcpd: Error: Cannot find LDAP entry matching (&(objectClass=dhcpServer)(cn=sadm011-01))
> Oct 16 23:22:17 sadm011-01 dhcpd: Configuration file errors encountered -- exiting


How to reproduce:

1. Install UCS Master with Samba/AD
→ Add UCS@school Multi-Server-Env and DHCP Server via App Center

2. Create school with:
> /usr/share/ucs-school-import/scripts/create_ou --displayName="Grundschule Nord" 011 sedu011-01 sadm011-01

3. Import networks:
> cat networks.csv:
> 011     10.200.23.0/24  10.200.23.200-10.200.23.249     10.200.23.1     10.200.23.250   10.200.23.250
> 011     10.200.34.0/24  10.200.34.200-10.200.34.249     10.200.34.1     10.200.34.250   10.200.34.250
>
> /usr/share/ucs-school-import/scripts/import_networks networks.csv

4. Install UCS Slave "sedu011-01" and join
→ install UCS@school and configure with Samba/AD and as educational server
→ install DHCP Server via App Center

5. Install UCS Slave "sadm011-01" and join
→ install UCS@school and configure with Samba/AD and as administrative server
→ install DHCP Server via App Center


Workaround:
1. Delete this DHCP Server: cn=sadm011-01,cn=schulen.example.org,cn=dhcp,dc=schulen,dc=example,dc=org
2. Create a new one: cn=sadm011-01,cn=011,cn=dhcp,ou=011,dc=schulen,dc=example,dc=org
3. Have a look at daemon.log:
> Oct 16 23:28:17 sadm011-01 dhcpd: Error: Cannot find LDAP entry matching (&(objectClass=dhcpServer)(cn=sadm011-01))
> Oct 16 23:28:17 sadm011-01 dhcpd: Configuration file errors encountered -- exiting
> Oct 16 23:29:17 sadm011-01 dhcpd: Wrote 0 leases to leases file.
> Oct 16 23:29:17 sadm011-01 dhcpd:
> Oct 16 23:29:17 sadm011-01 dhcpd: No subnet declaration for docker0 (172.17.42.1).
> Oct 16 23:29:17 sadm011-01 dhcpd: ** Ignoring requests on docker0.  If this is not what
> Oct 16 23:29:17 sadm011-01 dhcpd:    you want, please write a subnet declaration
> Oct 16 23:29:17 sadm011-01 dhcpd:    in your dhcpd.conf file for the network segment
> Oct 16 23:29:17 sadm011-01 dhcpd:    to which interface docker0 is attached. **
> Oct 16 23:29:17 sadm011-01 dhcpd:
> Oct 16 23:29:23 sadm011-01 dhcpd: DHCPDISCOVER from 52:54:00:85:44:f7 via eth0
> Oct 16 23:29:23 sadm011-01 dhcpd: DHCPOFFER on 10.200.34.200 to 52:54:00:85:44:f7 via eth0
> Oct 16 23:29:23 sadm011-01 dhcpd: DHCPREQUEST for 10.200.34.200 (10.200.34.250) from 52:54:00:85:44:f7 via eth0
> Oct 16 23:29:23 sadm011-01 dhcpd: DHCPACK on 10.200.34.200 to 52:54:00:85:44:f7 via eth0
> Oct 16 23:29:26 sadm011-01 dhcpd: DHCPDISCOVER from 00:19:99:a2:66:26 via eth0: network 10.200.34.0/24: no free leases

Workaround took place between 23:28:17 and 23:29:17. The docker0 thing is Bug 39872

Comment 1 Florian Best

2017-09-27 16:55:25 CEST

The cause was that for administrative DC Slaves not DHCP Server object was created or moved, so that the univention-dhcp joinscript created one in the wrong position. The object is not created or moved during the OU creation.

ucs-school-lib.yaml:
2d15b04d7376 | Bug #45463: Merge branch 'fbest/45463-dhcp-server-administrative-slave' into 4.1r2
7f588830c117 | Changelog/YAML Bug #45463

ucs-school-lib (9.0.33-6):
2d15b04d7376 | Bug #45463: Merge branch 'fbest/45463-dhcp-server-administrative-slave' into 4.1r2
7f588830c117 | Changelog/YAML Bug #45463

ucs-school-import (14.0.16-48):
2d15b04d7376 | Bug #45463: Merge branch 'fbest/45463-dhcp-server-administrative-slave' into 4.1r2
7f588830c117 | Changelog/YAML Bug #45463

ucs-school-import.yaml:
2d15b04d7376 | Bug #45463: Merge branch 'fbest/45463-dhcp-server-administrative-slave' into 4.1r2
7f588830c117 | Changelog/YAML Bug #45463

Comment 2 Daniel Tröder

2017-10-10 19:28:03 CEST

OK: advisory
OK: code
OK: manual test in multi-server env, no dhcp server in domain container, UMC schoolinstaller:
root@schooladm86:~# udm dhcp/server list

DN: cn=schooladm86,cn=newschool2,cn=dhcp,ou=NewSchool2,dc=uni,dc=dtr
ARG: None
  server: schooladm86

OK: manual test in multi-server env, no dhcp server in domain container, create_ou:

root@sch-m4:~# /usr/share/ucs-school-import/scripts/create_ou --displayName="Grundschule Nord2" NewestSchool3 newestschool3-edu-01 schooladmnewest3

need to create container cn=dhcp,ou=NewestSchool3,dc=uni,dc=dtr
creating object cn=dhcp,ou=NewestSchool3,dc=uni,dc=dtr
[..]
creating object cn=newestschool3,cn=dhcp,ou=NewestSchool3,dc=uni,dc=dtr
need to create dhcp service: cn=newestschool3,cn=dhcp,ou=NewestSchool3,dc=uni,dc=dtr
need to create dhcp server: 
creating object cn=newestschool3-edu-01,cn=newestschool3,cn=dhcp,ou=NewestSchool3,dc=uni,dc=dtr
creating object None
need to attach policy: cn=dhcp-dns-clear,cn=policies,ou=NewestSchool3,dc=uni,dc=dtr
Object created: cn=ou-default-ucr-policy,cn=policies,ou=newestschool3,dc=uni,dc=dtr
Object modified: cn=ou-default-ucr-policy,cn=policies,ou=newestschool3,dc=uni,dc=dtr
Object modified: ou=newestschool3,dc=uni,dc=dtr
40dhcpsearchbase_create: added new UCR policy cn=ou-default-ucr-policy,cn=policies,ou=newestschool3,dc=uni,dc=dtr to OU ou=newestschool3,dc=uni,dc=dtr
45dhcpdns_create: modifying OU newestschool3 ...
Object created: cn=dhcp-dns-newestschool3,cn=policies,ou=NewestSchool3,dc=uni,dc=dtr
Object modified: cn=dhcp,ou=NewestSchool3,dc=uni,dc=dtr
45dhcpdns_create: done
Object created: cn=Marktplatz,cn=shares,ou=NewestSchool3,dc=uni,dc=dtr
52marktplatz_create: added new share Markplatz for server newestschool3-edu-01.uni.dtr
Object created: cn=examusers,ou=newestschool3,dc=uni,dc=dtr
Object created: cn=OUnewestschool3-Klassenarbeit,cn=ucsschool,cn=groups,dc=uni,dc=dtr
60schoolexam-master: Exam container 'cn=examusers,ou=newestschool3' and group 'OUnewestschool3-Klassenarbeit' created.
creating object cn=schooladmnewest3,cn=dc,cn=server,cn=computers,ou=NewestSchool3,dc=uni,dc=dtr
need to create dhcp server: 
creating object cn=schooladmnewest3,cn=newestschool3,cn=dhcp,ou=NewestSchool3,dc=uni,dc=dtr

root@sch-m4:~# udm dhcp/server list
[..]
DN: cn=newestschool3-edu-01,cn=newestschool3,cn=dhcp,ou=NewestSchool3,dc=uni,dc=dtr
ARG: None
  server: newestschool3-edu-01

DN: cn=schooladmnewest3,cn=newestschool3,cn=dhcp,ou=NewestSchool3,dc=uni,dc=dtr
ARG: None
  server: schooladmnewest3

Comment 3 Sönke Schwardt-Krummrich

2017-10-16 21:33:07 CEST

UCS@school 4.1 R2 v14 has been released.

http://docs.software-univention.de/changelog-ucsschool-4.1R2v14-de.html

If this error occurs again, please clone this bug.