Bug 40212

Summary: UMC System Setup AD-Connection should enforce hostname < 16 characters
Product: UCS Reporter: Arvid Requate <requate>
Component: UMC - Basic settingsAssignee: Florian Best <best>
Status: CLOSED FIXED QA Contact: Johannes Keiser <keiser>
Severity: normal    
Priority: P5 CC: best
Version: UCS 4.1Flags: best: Patch_Available+
Target Milestone: UCS 4.2-1-errata   
Hardware: Other   
OS: Linux   
What kind of report is it?: Bug Report What type of bug is this?: 6: Setup Problem: Issue for the setup process
Who will be affected by this bug?: 1: Will affect a very few installed domains How will those affected feel about the bug?: 3: A User would likely not purchase the product
User Pain: 0.103 Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:
Bug Depends on:    
Bug Blocks: 56128    
Attachments: setup.log
patch
patch

Description Arvid Requate univentionstaff 2015-12-10 13:37:01 CET 
UMC System Setup AD-Connection fails if the Netbios name is longer than 15 characters.

The UMC should check that the Netbios/hostname is not longer than 15 characters.
There is a check in UMC/modules/setup/__init__.py, but to me it looks like it is only blocking ("critical") if either univention-samba or univention-samba4 are selected for installation.

We need to ensure that this limit is also enforced when doing an AD-Connection setup.

This is the relevant part from setup.log:
========================================================================
Running postjoin scripts
run-parts: executing /usr/lib/univention-system-setup/scripts/90_postjoin/10admember
=== 90_postjoin/10admember (2015-12-10 13:24:55) ===
__NAME__:90_postjoin/10admember Einrichten der Active-Directory-Verbindung

[...]

10.12.15 13:25:50.950  MODULE      ( PROCESS ) : Running samba join script

[...]

Setting stored password for "cn=MASTER-UCS-42-25,cn=dc,cn=computers,dc=lohn,dc=direct" in secrets.tdb
setting idmap secret for '*' from /etc/machine.secret
Secret stored
Stopping Samba daemons: nmbd smbd.
Starting Samba daemons: nmbd smbd.
Object modified: cn=MASTER-UCS-42-25,cn=dc,cn=computers,dc=lohn,dc=direct
Invalid configuration.  Exiting....
Our netbios name can be at most 15 chars long, "MASTER-UCS-42-25" is 16 chars long
Failed to join domain: The format of the specified computer name is invalid.
ERROR: Failed to join to AD DC via net ads join. Please check your Samba DCs and your DNS and WINS configuration.
========================================================================
Comment 1 Arvid Requate univentionstaff 2015-12-10 13:37:20 CET 
Created attachment 7361 [details]
setup.log
Comment 2 Florian Best univentionstaff 2015-12-14 17:54:05 CET 
Created attachment 7370 [details]
patch
Comment 3 Florian Best univentionstaff 2015-12-14 17:55:05 CET 
Created attachment 7371 [details]
patch
Comment 4 Florian Best univentionstaff 2017-07-05 15:35:26 CEST 
Patch has been applied.

univention-system-setup (10.0.10-22):
r80872 | Bug #40212: restrict hostname of AD systems to 16 characters

univention-system-setup.yaml:
r80873 | YAML Bug #40212
Comment 5 Johannes Keiser univentionstaff 2017-07-06 12:15:59 CEST 
OK The hostname is restricted to a maximum of 13 characters

YAML: OK (r 80913 | 80914 - adjusted line length and typo)

-> verified
Comment 6 Erik Damrose univentionstaff 2017-07-26 14:39:19 CEST 
<http://errata.software-univention.de/ucs/4.2/109.html>