Univention Bugzilla – Full Text Bug Listing |
Summary: | AD Takeover App: traceback | ||
---|---|---|---|
Product: | UCS | Reporter: | Philipp Hahn <hahn> |
Component: | UMC - AD Connector | Assignee: | Connector maintainers <connector-maintainers> |
Status: | RESOLVED DUPLICATE | QA Contact: | |
Severity: | normal | ||
Priority: | P5 | CC: | best, gohmann, klaeser, requate |
Version: | UCS 3.2 | ||
Target Milestone: | UCS 3.2-x | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | Error handling | |
Max CVSS v3 score: |
Description
Philipp Hahn
2014-04-25 15:16:18 CEST
2nd try directly from the command-line:
The S4 connector no longer starts and immediately exists with 0.
The ad-takeover script is stuck waiting for it:
> Starting S4 Connector
> Waiting for S4 Connector sync
> Progress details are logged to /var/log/univention/connector-s4-status.log
..........................................................................
# tail connector-s4-status.log
opening /var/log/univention/connector-s4.log failed
Warning: Can't initialize LDAP-Connections, wait...
# tail connector-s4.log
25.04.2014 19:17:09,672 MAIN (------ ): DEBUG_INIT
25.04.2014 19:17:09,693 LDAP (INFO ): init finished
25.04.2014 19:17:09,693 LDAP (INFO ): __init__: The LDAP connection to S4 does not use SSL (switched off by UCR "connector/s4/ldap/ssl").
25.04.2014 19:17:09,702 LDAP (INFO ): close debug
# ucr get connector/s4/ldap/ssl
no
The AD-takeover was started after using the UCS DC master for one day already, so the UCS already contains some data.
The takeover script should at least better check for error conditions.
This was probably caused by using a non-standard sequence: The UCS DC Master was setup first and already used for one day. For demonstration purpose the MS Windows 2008 Server was setup later: the same DNS domain name was used, but Windows detected a conflict in the WINS name and proposed a different name (SCHULUNG6 → SCHULUNG60). This difference then causes Samba4 to no longer start: [2014/04/25 14:10:45.383931, 0, pid=1876] ../source4/librpc/rpc/dcerpc_sock.c:425(continue_ip_open_socket) Failed to connect host 172.16.1.61 (247fed98-8188-44c7-ae58-ad54ea70a717._msdcs.schulung6.ucs) on port 135 - NT_STATUS_HOST_UNREACHABLE. Maybe the AD takeover should check for that condition and abort with some useful error message instead of silently getting stuck? *** This bug has been marked as a duplicate of bug 38983 *** |