First Last Prev Next    This bug is not in your last search results.
Bug 48266 - The transport connection is now disconnected
The transport connection is now disconnected
Status: RESOLVED DUPLICATE of bug 45127
Product: UCS
Classification: Unclassified
Component: AD Connector
UCS 4.3
Other Linux
: P5 normal (vote)
: ---
Assigned To: Samba maintainers
Samba maintainers
:
Depends on: 52432 45127 51501
Blocks:
  Show dependency treegraph
 
Reported: 2018-12-04 15:57 CET by Nico Stöckigt
Modified: 2020-11-25 16:20 CET (History)
2 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 5: Blocking further progress on the daily work
User Pain: 0.143
Enterprise Customer affected?: Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number: 2018120321000551
Bug group (optional): External feedback, Workaround is available
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Nico Stöckigt univentionstaff 2018-12-04 15:57:40 CET 
+++ This bug was initially created as a clone of Bug #45127 +++

From https://help.univention.com/t/possible-bug-in-ad-sync-connector/4916

I think there may be a bug in the connection to a 2008 AD.

We are running a mirror off the main AD, as a test measure.
yesterday we had a non-graceful C&B (crash & burn) loss of a UPS, this took the 2008 AD server down hard.

After the system was brought back up and functioning, we noticed the Uni. could not re-connect and was filling the error logs

it seems that once a connection is made to a MS AD , there is not any real checking to see if the connection goes down, instead the log files just fill with PY errors, even after the remote system comes backup.

a stopping of the AD connection at univention & a restarting, fixes the log errors and catches up on the domain syncs.

it seems the error routines need to be made a bit more robust & try re-forming the connection if the code is producing connection errors.

    26.01.2017 09:44:37,729 LDAP (ERROR ): failed in post_con_modify_functions
    26.01.2017 09:44:37,730 LDAP (ERROR ): Traceback (most recent call last):
    File "/usr/lib/pymodules/python2.7/univention/connector/__init__.py", line 1326, in sync_to_ucs
    f(self, property_type, object)
    File "/usr/lib/pymodules/python2.7/univention/connector/ad/password.py", line 381, in password_sync
    res = get_password_from_ad(connector, univention.connector.ad.compatible_modstring(object['dn']))
    File "/usr/lib/pymodules/python2.7/univention/connector/ad/password.py", line 180, in get_password_from_ad
    (level, ctr) = connector.drs.DsGetNCChanges(connector.drsuapi_handle, 8, req8)
    NTSTATUSError: (-1073741300, 'The transport connection is now disconnected.')

then after re-connecting:

    File "/usr/lib/pymodules/python2.7/univention/connector/__init__.py", line 1326, in sync_to_ucs
    f(self, property_type, object)
    File "/usr/lib/pymodules/python2.7/univention/connector/ad/password.py", line 381, in password_sync
    res = get_password_from_ad(connector, univention.connector.ad.compatible_modstring(object['dn']))
    File "/usr/lib/pymodules/python2.7/univention/connector/ad/password.py", line 180, in get_password_from_ad
    (level, ctr) = connector.drs.DsGetNCChanges(connector.drsuapi_handle, 8, req8)
    NTSTATUSError: (-1073741300, 'The transport connection is now disconnected.')

    26.01.2017 09:45:18,218 MAIN (------ ): DEBUG_INIT
    26.01.2017 09:45:18,237 LDAP (ERROR ): Failed to lookup AD LDAP base, using UCR value.
    26.01.2017 09:45:18,270 LDAP (PROCESS): Building internal group membership cache
    26.01.2017 09:45:18,411 LDAP (PROCESS): Internal group membership cache was created
    26.01.2017 09:45:18,449 LDAP (PROCESS): Using GP01 as AD Netbios domain name
    26.01.2017 09:45:18,521 LDAP (PROCESS): sync from ucs: Resync rejected file: /var/lib/univention-connector/ad/1485393377.000030
    26.01.2017 09:45:18,548 LDAP (PROCESS): sync from ucs: [ user] [ modify] cn=xxxxxx,ou=hk office,DC=xx,DC=xx,DC=xxx,DC=xx

and everything is fine with the world until next time
Comment 1 Arvid Requate univentionstaff 2018-12-04 16:01:07 CET 

*** This bug has been marked as a duplicate of bug 45127 ***
First Last Prev Next    This bug is not in your last search results.