univention-app info UCS: 4.4-5 errata652 Installed: adconnector=12.0 itslearning=3.1 self-service=4.0 self-service-backend=4.0 ucs-to-school-transformer=1.3.0 ucsschool=4.4 v5 ucsschool-kelvin-rest-api=1.1.1 Upgradable: itslearning Nagios Check reports the following when running check_univention_ad_connector. ad-connector works fine, adsearch as well. for info: restarted nagios, nagios-nrpe on nagios host and nagios nrpe on ucs system where ad-connector is running. /usr/lib/nagios/plugins/check_univention_ad_connector Traceback (most recent call last): File "/usr/sbin/univention-connector-list-rejected", line 185, in <module> main() File "/usr/sbin/univention-connector-list-rejected", line 146, in main False File "/usr/lib/python2.7/dist-packages/univention/connector/ad/__init__.py", line 863, in __init__ self.open_ad() File "/usr/lib/python2.7/dist-packages/univention/connector/ad/__init__.py", line 1130, in open_ad self.lo_ad = univention.uldap.access(host=self.ad_ldap_host, port=int(self.ad_ldap_port), base=self.ad_ldap_base, binddn=self.ad_ldap_binddn, bindpw=self.ad_ldap_bindpw, start_tls=tls_mode, use_ldaps=ldaps, ca_certfile=self.ad_ldap_certificate, decode_ignorelist=BINARY_ATTRIBUTES) File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 283, in __init__ self.__open(ca_certfile) File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 370, in __open self.bind(self.binddn, self.bindpw) File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 207, in _decorated return func(self, *args, **kwargs) File "/usr/lib/python2.7/dist-packages/univention/uldap.py", line 303, in bind self.lo.simple_bind_s(self.binddn, self.__encode_pwd(self.bindpw)) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 949, in simple_bind_s res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 935, in _apply_method_s self.reconnect(self._uri,retry_max=self._retry_max,retry_delay=self._retry_delay) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 911, in reconnect raise e ldap.SERVER_DOWN: {'info': 'error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed (unable to get local issuer certificate)', 'desc': "Can't contact LDAP server"} ADCONNECTOR OK: System operational. the event appears also in connecor.log: 16.07.2020 11:10:35.275 MAIN (------ ): DEBUG_INIT 16.07.2020 11:10:45.468 LDAP (ERROR ): Failed to lookup AD LDAP base, using UCR value: {'info': 'error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed (unable to get local issuer certificate)', 'desc': "Can't contact LDAP server"} referenced bug https://forge.univention.org/bugzilla/show_bug.cgi?id=51673, because there may is a context inbetween them.
see #51673