Univention Bugzilla – Bug 43140
App Appliance: Some LDAP objects still contain default network address
Last modified: 2017-06-19 15:04:48 CEST
When running the fast demo mode, the following LDAP objects still contain the information of the default network 10.203.*.*: dn: cn=default-settings,cn=dns,cn=dhcp,cn=policies,dc=ucs,dc=example univentionDhcpDomainNameServers: 10.203.10.40 dn: zoneName=203.10.in-addr.arpa,cn=dns,dc=ucs,dc=example zoneName: 203.10.in-addr.arpa dn: relativeDomainName=ucs-sso,zoneName=ucs.example,cn=dns,dc=ucs,dc=example aRecord: 10.203.10.40 This might lead to problems when using SSO or DHCP with a pre-configured demo system. +++ This bug was initially created as a clone of Bug #42944 +++ When using an app appliance with fast demo mode, a preconfigured LDAP is shipped in the appliance. When updating ip address settings in system setup, the host DNS settings are not correctly updated.
Its worse in UCS 4.2, as the IP adresses for installed apps on the portal is also not updated. There was no nice mechanism to update the information for portal_entry objects until bug #43671 was fixed. Now the old ip address has to be set as an 'old' ip address during reconfiguration in system setup, lets set UCR system/setup/boot/old_ipv4 QA: no old ip address should be in the app appliance after fast demo mode was selected (grep for 10.203) r79433 univention-system-setup 10.0.10-17A~4.2.0.201705181750 r79434 yaml r79435 configure UCRv during appliance creation
@Erik: how can I test this?
@Florian: Grab an old UCS 4.1 appliance, e.g. kopano: /var/univention/buildsystem2/mirror/appcenter/univention-apps/4.1/kopano-core/ Install and select fast demo mode in system setup. The LDAP will not be re-provisioned. After activating the appliance, search the LDAP for old ip addresses, starting with 10.203... In a new appliance, e.g. /var/univention/buildsystem2/mirror/appcenter.test/univention-apps/4.2/kopano-core/, all ip addresses should have been updated to the one configured during system setup, when fast demo mode is selected.
The current appliances don't boot into the system setup but show a login prompt. For the QA I used omar:/var/univention/buildsystem2/temp/edamrose/Univention-App-kopano-core-virtualbox.ova which has an old system setup installed. I installed the latest version manually and ucr set system/setup/boot/old_ipv4=10.203.10.40. Prior the following ldap entries exixted: root@master:~# univention-ldapsearch -LLL | ldapsearch-wrapper | grep 10\.2 aRecord: 10.200.27.202 aRecord: 10.203.10.40 sambaSID: S-1-5-21-2143303088-2788026720-2782765010-11012 univentionNextIp: 10.200.27.1 univentionNetwork: 10.200.27.0 univentionDhcpDomainNameServers: 10.203.10.40 sambaPrimaryGroupSID: S-1-5-21-2143303088-2788026720-2782765010-11012 aRecord: 10.200.27.202 univentionPortalEntryLink: http://10.203.10.40/webapp univentionPortalEntryLink: https://10.203.10.40/webapp univentionPortalEntryLink: https://10.203.10.40/webmeetings univentionPortalEntryLink: http://10.203.10.40/webmeetings univentionPortalEntryLink: https://10.203.10.40/univention/portal/ univentionPortalEntryLink: http://10.203.10.40/univention/portal/ After a reboot with system setup the following correct entries exists: # univention-ldapsearch -LLL | ldapsearch-wrapper | grep 10\.2 aRecord: 10.200.27.202 aRecord: 10.200.27.202 sambaSID: S-1-5-21-2143303088-2788026720-2782765010-11012 univentionNextIp: 10.200.27.1 univentionNetwork: 10.200.27.0 univentionDhcpDomainNameServers: 10.200.27.202 sambaPrimaryGroupSID: S-1-5-21-2143303088-2788026720-2782765010-11012 aRecord: 10.200.27.202 univentionPortalEntryLink: http://10.200.27.202/webapp univentionPortalEntryLink: https://10.200.27.202/webapp univentionPortalEntryLink: https://10.200.27.202/webmeetings univentionPortalEntryLink: http://10.200.27.202/webmeetings univentionPortalEntryLink: http://10.200.27.202/univention/portal/ univentionPortalEntryLink: https://10.200.27.202/univention/portal/ # ucr get system/setup/boot/old_ipv4 I reproduced the problem on a UCS 4.1 System.
<http://errata.software-univention.de/ucs/4.2/50.html>