Univention Bugzilla – Bug 57078
Regression: Since UCS 5.0-6 UCS cannot be set up as AD member anymore
Last modified: 2024-03-14 15:38:09 CET
Since UCS 5.0-6, the univention-ad-connector is not part of the DVD anymore. This results in the DVD Installation tests failing since then. This is the traceback that occurs if installation as AD member via DVD is attempted: Configuring Active Directory connection: Traceback (most recent call last): Configuring Active Directory connection: File "%PY3%/univention/management/console/modules/setup/setup_script.py", line 334, in run Configuring Active Directory connection: success = self.inner_run() Configuring Active Directory connection: File "/usr/lib/univention-system-setup/scripts/90_postjoin/10admember", line 114, in inner_run Configuring Active Directory connection: admember.rename_well_known_sid_objects(username, password) Configuring Active Directory connection: File "%PY3%/univention/lib/admember.py", line 1115, in rename_well_known_sid_objects Configuring Active Directory connection: stdout=subprocess.PIPE, stderr=subprocess.PIPE, close_fds=True) Configuring Active Directory connection: File "/usr/lib/python3.7/subprocess.py", line 775, in __init__ Configuring Active Directory connection: restore_signals, start_new_session) Configuring Active Directory connection: File "/usr/lib/python3.7/subprocess.py", line 1522, in _execute_child Configuring Active Directory connection: raise child_exception_type(errno_num, err_msg, err_filename) Configuring Active Directory connection: FileNotFoundError: [Errno 2] No such file or directory: '/usr/share/univention-ad-connector/scripts/well-known-sid-object-rename': '/usr/share/univention-ad-connector/scripts/well-known-sid-object-rename' We need to add the univention-ad-connector package back to the DVD in the next release.
https://jenkins2022.knut.univention.de/job/UCS-5.0/job/UCS-5.0-6/job/Installation%20Tests/mode=ad-member/ [5.0-6] 8b62e5ae7e fix(DVD): Re-add univention-ad-connector to ISO image base/univention-dvd/debian/changelog | 6 ++++++ base/univention-dvd/tasks/ucs506/task-ucs506 | 1 + 2 files changed, 7 insertions(+) Package: univention-dvd Version: 5.0.3-2 Branch: ucs_5.0-0 Scope: errata5.0-6 https://jenkins2022.knut.univention.de/job/UCS-5.0/job/UCS-5.0-6/job/BuildDVD/87/console QA: ssh omar isoinfo -i /var/univention/buildsystem2/isotests/ucs_5.0-6-20240222-155522-dvd-amd64.iso -f -R | grep --color -e ad-connector -e connector-ad -e adconnector /all/python3-univention-connector-ad_14.0.17-2_all.deb /all/univention-ad-connector_14.0.17-2_all.deb /all/univention-management-console-module-adconnector_14.0.17-2_all.deb /amd64/univention-monitoring-ad-connector_1.0.2-6_amd64.deb /amd64/univention-nagios-ad-connector_9.0.1-1A~5.0.0.202206231926_amd64.deb QA: https://jenkins2022.knut.univention.de/job/UCS-5.0/job/UCS-5.0-6/job/Installation%20Tests/mode=ad-member/81/console
I can see the package being on the new nightly DVD using isoinfo isoinfo -i /var/univention/buildsystem2/isotests/ucs_5.0-6-latest-amd64.iso -f -R The DVD installation test with this ISO still fails and univention-ad-connector is not in /var/cache/univention-system-setup/packages?
(In reply to Julia Bremer from comment #2) > I can see the package being on the new nightly DVD using isoinfo > isoinfo -i /var/univention/buildsystem2/isotests/ucs_5.0-6-latest-amd64.iso > -f -R > > The DVD installation test with this ISO still fails and > univention-ad-connector is not in > /var/cache/univention-system-setup/packages? This is a regression from [&721](https://git.knut.univention.de/groups/univention/-/epics/721): /v/c/uss/packages/is no longer used; all packages installed by USS are fetched directly from the online repository since 5.0-6: Sadly "AD Connection" uses the deprecated (since UCS-4.0) mechanism to install "components", which happens before `repistory/online=yes` is set ```console # grep --color -e '^=== 50' -e '^=== domain-join' -e ad-connector: /var/log/univention/setup.log … === 50_software/10software (2024-02-24 01:38:08) __ERR__:univention-ad-connector: No such package 24.02.24 01:38:09.044 ( ERROR ) : univention-ad-connector: No such package === domain-join (2024-02-24 01:38:10) # grep --color repository/online /var/log/univention/config-registry.replog … 2024-02-24 01:20:37: set repository/online=no old:[Previously undefined] … 2024-02-24 01:49:28: set repository/online=yes old:[Previously undefined] … ``` From [base/univention-system-setup/umc/python/setup/util.py:220-222](https://git.knut.univention.de/univention/ucs/-/blob/5.0-6/base/univention-system-setup/umc/python/setup/util.py?ref_type=heads#L220-L222): ```python selectedComponents = set(newValues.get('components', [])) if isAdMember and newValues['server/role'] == 'domaincontroller_master': selectedComponents.add('univention-ad-connector') ``` Enable the online repository earlier: [phahn/uss-adc] ad24e94531 fix(USS): ADC installation base/univention-system-setup/debian/changelog | 6 +++++ .../univention-system-setup/scripts/50_software/05repository | 40 +++++++++++++++++++++++++++++ .../lib/univention-system-setup/scripts/90_postjoin/20upgrade | 3 --- 3 files changed, 46 insertions(+), 3 deletions(-)
[5.0-6] 42d764bccb fix(USS): ADC installation base/univention-system-setup/debian/changelog | 7 +++++++ base/univention-system-setup/usr/share/univention-system-setup/download-packages | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) Package: univention-system-setup Version: 13.0.10-3 Branch: ucs_5.0-0 Scope: errata5.0-6 No YAML as change is only relevant for next 5.0-7; has to be copied manually by `repo-apt-copy ../ucs_5.0-0-errata5.0-6/source/ [ISO](https://jenkins2022.knut.univention.de/job/UCS-5.0/job/UCS-5.0-6/job/BuildDVD/97/console) /var/univention/buildsystem2/isotests/ucs_5.0-6-20240301-141240-dvd-amd64.iso [Test](https://jenkins2022.knut.univention.de/job/UCS-5.0/job/UCS-5.0-6/job/Installation%20Tests/mode=ad-member/) FAIL: missing `univention-samba` [5.0-6] dcf273e982 fix(USS): Re-add univention-samba to ISO and USS cache base/univention-dvd/debian/changelog | 6 ++++++ base/univention-dvd/tasks/ucs506/task-ucs506 | 2 ++ base/univention-system-setup/debian/changelog | 6 ++++++ base/univention-system-setup/usr/share/univention-system-setup/download-packages | 4 +++- 4 files changed, 17 insertions(+), 1 deletion(-) Package: univention-dvd Version: 5.0.3-3 Branch: ucs_5.0-0 Scope: errata5.0-6 Package: univention-system-setup Version: 13.0.10-4 Branch: ucs_5.0-0 Scope: errata5.0-6 [ISO](https://jenkins2022.knut.univention.de/job/UCS-5.0/job/UCS-5.0-6/job/BuildDVD/98/console] /var/univention/buildsystem2/isotests/ucs_5.0-6-20240301-152636-dvd-amd64.iso [Test](https://jenkins2022.knut.univention.de/job/UCS-5.0/job/UCS-5.0-6/job/Installation%20Tests/mode=ad-member/92/console) OKAY: SUCCESS
OK: ad-connector back on ISO (and univention-samba) OK: ad-connector and univention-samba available in /var/cache/univention-system-setup/packages OK: Installation from nightly DVD OK: Jenkins OK: No yaml needed, will be released with 5.0-7 patchlevel Verified