Univention Bugzilla – Bug 55053
univention-join fails without a error message
Last modified: 2024-01-12 09:48:40 CET
Version: 4.4-7 errata893 (Blumenthal) Domain setup (this might take a while): Please visit https://help.univention.com/t/8842 for common problems during the join and how to fix them -- The ssh-login to Administrator@***.***.** failed with " ". Please make sure the account Administrator exists and is a member of the Domain Admins group! Mon Feb 15 09:40:00 CET 2021: starting /usr/sbin/univention-join -dcname ***.***.** -dcaccount Administrator -dcpwd /var/cache/univention-system-setup/secret -checkPrerequisites running version check OK: UCS version on ***.****.** is higher or equal (4.47) to the local version (4.47). Check if /var/lib/univention-directory-replication/failed.ldif exists Mon Feb 15 09:40:07 CET 2021: finish /usr/sbin/univention-join Mon Feb 15 01:52:20 MST 2021: starting /usr/share/univention-join/univention-join -dcname ***.***.** -dcaccount Administrator -dcpwd /tmp/tmp.wclJoxpMXv
Reported again Version: 5.0-2 errata441 Error: Domäneneinrichtung (Dies kann einige Zeit dauern): Please visit https://help.univention.com/t/8842 for common problems during the join and how to fix them -- The ssh-login to Administrator@***.***.*** failed with " ". Please make sure the account Administrator exists and is a member of the Domain Admins group! Tue Oct 4 20:06:32 CEST 2022: starting /sbin/univention-join -dcname pdcbb.bb.ucs -dcaccount Administrator -dcpwd /var/cache/univention-system-setup/secret -checkPrerequisites running version check OK: UCS version on ***.***.*** is higher or equal (5.02) to the local version (5.02). Check if /var/lib/univention-directory-replication/failed.ldif exists Tue Oct 4 20:06:39 CEST 2022: finish /sbin/univention-join Tue Oct 4 20:19:55 CEST 2022: starting /usr/share/univention-join/univention-join -dcname ***.***.*** -dcaccount Administrator -dcpwd /tmp/tmp.Sj0VMV8rZ0 Role: domaincontroller_slave
Version: 5.0-4 errata721 Error: Domäneneinrichtung (Dies kann einige Zeit dauern): Please visit https://help.univention.com/t/8842 for common problems during the join and how to fix them -- The ssh-login to Administrator@***.***.** failed with "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: POSSIBLE DNS SPOOFING DETECTED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ The ECDSA host key for ***.***.** has changed, and the key for the corresponding IP address 192.168.22.146 is unknown. This could either mean that DNS SPOOFING is happening or the IP address for the host and its host key have changed at the same time. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the ECDSA key sent by the remote host is SHA256:*****. Please contact your system administrator. Add correct host key in /root/.ssh/known_hosts to get rid of this message. Offending ECDSA key in /root/.ssh/known_hosts:1 remove with: ssh-keygen -f "/root/.ssh/known_hosts" -R "***.***.**" Password authentication is disabled to avoid man-in-the-middle attacks. Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks. Administrator@***.***.**: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,keyboard-interactive). ". Please make sure the account Administrator exists and is a member of the Domain Admins group! Fri Jun 30 11:59:20 CEST 2023: starting /usr/sbin/univention-join -dcname ***.***.** -dcaccount Administrator -dcpwd /var/cache/univention-system-setup/secret -checkPrerequisites running version check OK: UCS version on ***.***.** is higher or equal (5.04) to the local version (5.04). Check if /var/lib/univention-directory-replication/failed.ldif exists Fri Jun 30 11:59:25 CEST 2023: finish /usr/sbin/univention-join Fri Jun 30 12:04:29 CEST 2023: starting /usr/share/univention-join/univention-join -dcname ***.***.** -dcaccount Administrator -dcpwd /tmp/tmp.kOyTLeYaxD Role: domaincontroller_slave
Version: 5.0-3 errata645 Error: Domäneneinrichtung (Dies kann einige Zeit dauern): Please visit https://help.univention.com/t/8842 for common problems during the join and how to fix them -- The ssh-login to Administrator@***.***.** failed with " ". Please make sure the account Administrator exists and is a member of the Domain Admins group! Sun Apr 23 11:15:27 CEST 2023: starting /usr/sbin/univention-join -dcname ***.***.** -dcaccount Administrator -dcpwd /var/cache/univention-system-setup/secret -checkPrerequisites running version check OK: UCS version on ***.***.** is higher or equal (5.03) to the local version (5.03). Check if /var/lib/univention-directory-replication/failed.ldif exists Sun Apr 23 11:15:34 CEST 2023: finish /usr/sbin/univention-join Sun Apr 23 11:21:27 CEST 2023: starting /usr/share/univention-join/univention-join -dcname ***.***.** -dcaccount Administrator -dcpwd /tmp/tmp.rZWpMj5Zss ************************************************************************** * Join failed! * * Contact your system administrator * ************************************************************************** * Message: Please visit https://help.univention.com/t/8842 for common problems during the join and how to fix them -- The ssh-login to Administrator@***.***.** failed with " ". Please make sure the account Administrator exists and is a member of the Domain Admins group! ************************************************************************** Role: domaincontroller_backup
2024010921000362 5.0-5 errata907 2024010921000344 5.0-5 errata907 Remark: ubi pls fix Domäneneinrichtung (Dies kann einige Zeit dauern): Please visit https://help.univention.com/t/8842 for common problems during the join and how to fix them -- The ssh-login to administrator@*** failed with "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: POSSIBLE DNS SPOOFING DETECTED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ The ECDSA host key for *** has changed, and the key for the corresponding IP address 172.16.0.4 is unknown. This could either mean that DNS SPOOFING is happening or the IP address for the host and its host key have changed at the same time. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the ECDSA key sent by the remote host is SHA256:SCoRRp8s1zqX15+0deNX0M5ZQI2xlZXqcjKh99retJk. Please contact your system administrator. Add correct host key in /root/.ssh/known_hosts to get rid of this message. Offending ECDSA key in /root/.ssh/known_hosts:1 remove with: ssh-keygen -f "/root/.ssh/known_hosts" -R "***" Password authentication is disabled to avoid man-in-the-middle attacks. Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks. administrator@***: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,keyboard-interactive). ". Please make sure the account administrator exists and is a member of the Domain Admins group! Tue Jan 9 12:55:16 CET 2024: starting /usr/sbin/univention-join -dcname *** -dcaccount administrator -dcpwd /var/cache/univention-system-setup/secret -checkPrerequisites running version check OK: UCS version on *** is higher or equal (5.06) to the local version (5.05). Check if /var/lib/univention-directory-replication/failed.ldif exists Tue Jan 9 12:55:21 CET 2024: finish /usr/sbin/univention-join Tue Jan 9 12:57:59 CET 2024: starting /usr/sbin/univention-join -dcname *** -dcaccount administrator -dcpwd /var/cache/univention-system-setup/secret -checkPrerequisites running version check OK: UCS version on *** is higher or equal (5.06) to the local version (5.05). Check if /var/lib/univention-directory-replication/failed.ldif exists Tue Jan 9 12:58:03 CET 2024: finish /usr/sbin/univention-join Tue Jan 9 13:02:17 CET 2024: starting /usr/share/univention-join/univention-join -dcname *** -dcaccount administrator -dcpwd /tmp/tmp.4IXJXVkYto ************************************************************************** * Join failed! * * Contact your system administrator * ************************************************************************** * Message: Please visit https://help.univention.com/t/8842 for common problems during the join and how to fix them -- The ssh-login to administrator@*** failed with "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: POSSIBLE DNS SPOOFING DETECTED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ The ECDSA host key for *** has changed, and the key for the corresponding IP address 172.16.0.4 is unknown. This could either mean that DNS SPOOFING is happening or the IP address for the host and its host key have changed at the same time. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the ECDSA key sent by the remote host is SHA256:SCoRRp8s1zqX15+0deNX0M5ZQI2xlZXqcjKh99retJk. Please contact your system administrator. Add correct host key in /root/.ssh/known_hosts to get rid of this message. Offending ECDSA key in /root/.ssh/known_hosts:1 remove with: ssh-keygen -f "/root/.ssh/known_hosts" -R "***" Password authentication is disabled to avoid man-in-the-middle attacks. Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks. administrator@***: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,keyboard-interactive). ". Please make sure the account administrator exists and is a member of the Domain Admins group! **************************************************************************