Univention Bugzilla – Bug 50584
apply ucr-policies early in join
Last modified: 2020-03-16 09:00:22 CET
The ucr variable are set relatively late in the join process. However, there are variables that should or must be set before the join process, because they are important for the initial setup of the LDAP. It is basically about variables that influence the execution of listener modules. ldap/database/mdb/* A join is not possible connector/s4/mapping/* Various settings whose changes would cause an explicit re-sync of the affected objects in the S4 connector ucsschool/userlogon/* Must be set before the join, otherwise the userlogon scripts will be generated incorrectly. printer/assignment/vbs/* The same as ucsschool/userlogon/* These variables still have to be set locally on the host before, apart from the LDAP. Maybe it makes sense to move the adoption of LDAP policies to the beginning of the join process?
Cu in a large environment has this issue, too. A default join fails because the s4-connector needs more than an hour to sync while the joinscript 98univention-samba4-dns.inst waits for "dns-hostname" and finally times out. Settings the UCRV squid/kerberos/join/timeout to ie 14400 appears to help. (just waiting until the s4-connector is done would help, too) As this is a ucs@school environment, Samba is automatically installed. However, customer an not install and join the server in a single step- He has to act manually to finalize the process every time! Having a possibility to set the variable during first installation would prevent this issue here...