das hier ist die join.log
Mon Mar 6 00:10:31 CET 2017: starting /usr/share/univention-join/univention-joi n -dcaccount Administrator -dcpwd /tmp/tmp.mDUYkiix3D
running version check
OK: UCS version on name.domain.XX is higher or equal (4.14) to the local ve rsion (4.14).
Stopping ldap server(s): slapd ...done.
Starting ldap server(s): slapd ...done.
Mon Mar 6 00:10:41 CET 2017
univention-server-join: joins a server to an univention domain
copyright (c) 2001-2017 Univention GmbH, Germany
ldap_dn="cn=XXX,cn=dc,cn=computers,dc=domain,dc=XX"
/etc/idp-ldap-user.secret could not be read!
Create ldap/hostdn
File: /etc/pam.d/smtp
Multifile: /etc/simplesamlphp/authsources.php
File: /etc/pam_ldap.conf
Multifile: /etc/postfix/ldap.transport
Multifile: /etc/postfix/ldap.canonicalrecipient
Multifile: /etc/postfix/ldap.virtual
File: /etc/libnss-ldap.conf
Multifile: /etc/postfix/ldap.saslusermapping
Multifile: /etc/postfix/ldap.virtualdomains
Multifile: /etc/postfix/ldap.distlist
Multifile: /etc/postfix/ldap.groups
Multifile: /etc/postfix/ldap.sharedfolderlocal
File: /etc/cron.d/univention-directory-policy
Multifile: /etc/postfix/ldap.virtualwithcanonical
Multifile: /etc/postfix/ldap.sharedfolderremote
Multifile: /etc/postfix/ldap.canonicalsender
/etc/idp-ldap-user.secret could not be read!
Setting ldap/server/name
Setting ldap/server/ip
Not updating ldap/server/port
Create ldap/master
Not updating ldap/master/port
Setting ldap/server/type
Multifile: /etc/ldap/slapd.conf
Multifile: /etc/simplesamlphp/authsources.php
File: /etc/pam_ldap.conf
File: /etc/krb5.conf
Multifile: /etc/postfix/ldap.transport
Multifile: /etc/postfix/ldap.canonicalrecipient
Multifile: /etc/postfix/ldap.virtual
File: /etc/libnss-ldap.conf
Multifile: /etc/postfix/ldap.saslusermapping
Multifile: /etc/postfix/ldap.virtualdomains
Multifile: /etc/postfix/ldap.distlist
Multifile: /etc/postfix/ldap.groups
File: /etc/pam.d/smtp
Multifile: /etc/postfix/ldap.sharedfolderlocal
File: /etc/init.d/slapd
File: /etc/default/ntpdate
File: /etc/nagios/nrpe.cfg
Multifile: /etc/postfix/ldap.virtualwithcanonical
Multifile: /etc/postfix/ldap.sharedfolderremote
File: /etc/ntp.conf
Multifile: /etc/postfix/ldap.canonicalsender
File: /etc/ldap/ldap.conf
rsync: opendir "/etc/univention/ssl/unassigned-hostname.unassigned-domain" faile d: Permission denied (13)
rsync error: some files/attrs were not transferred (see previous errors) (code 2 3) at main.c(1536) [generator=3.0.9]
Could not chdir to home directory /dev/null: Not a directory
Could not chdir to home directory /dev/null: Not a directory
Setting ssl/country
Setting ssl/state
Setting ssl/locality
Setting ssl/organization
Setting ssl/organizationalunit
Setting ssl/common
Setting ssl/email
Restarting ldap server(s).
Stopping ldap server(s): slapd ...done.
Starting ldap server(s): slapd ...done.
Not updating ldap/server/name
Not updating ldap/master
Setting kerberos/realm
File: /etc/krb5.conf
File: /etc/heimdal-kdc/kdc.conf
Setting windows/domain
File: /etc/krb5.conf
Create dns/forwarder1
File: /etc/bind/named.conf.proxy
File: /etc/bind/named.conf.samba4
Configure 01univention-ldap-server-init.inst Mon Mar 6 00:11:11 CET 2017
2017-03-06 00:11:11.786489052+01:00 (in joinscript_init)
Starting ldap server(s): slapd ...failed.
58bc9b10 /etc/ldap/slapd.conf: line 164: unknown attr "@univentionVirtualMachine " in to clause 58bc9b10 <access clause> ::= access to <what> [ by <who> [ <acces s> ] [ <control> ] ]+ <what> ::= bin boot dev etc home initrd.img initrd.img.ins tall lib lib64 lost+found media mnt opt proc root run sbin selinux srv sys tmp u sr var vmlinuz vmlinuz.install | dn[.<dnstyle>=<DN>] [filter=<filter>] [attrs=<a ttrspec>] <attrspec> ::= <attrname> [val[/<matchingRule>][.<attrstyle>]=<value>] | <attrlist> <attrlist> ::= <attr> [ , <attrlist> ] <attr> ::= <attrname> | @<o bjectClass> | !<objectClass> | entry | children <who> ::= [ bin boot dev etc hom e initrd.img initrd.img.install lib lib64 lost+found media mnt opt proc root run sbin selinux srv sys tmp usr var vmlinuz vmlinuz.install | anonymous | users | self | dn[.<dnstyle>]=<DN> ] [ realanonymous | realusers | realself | realdn[.<d nstyle>]=<DN> ] [dnattr=<attrname>] [realdnattr=<attrname>] [group[/<objectclass >[/<attrname>]][.<style>]=<group>] [peername[.<peernamestyle>]=<peer>] [sockname [.<style>]=<name>] [domain[.<domainstyle>]=<domain>] [sockurl[.<style>]=<url>] [ dynacl/<name>[/<options>][.<dynstyle>][=<pattern>]] [ssf=<n>] [transport_ssf=<n> ] [tls_ssf=<n>] [sasl_ssf=<n>] <style> ::= exact | regex | base(Object) <dnstyle > ::= base(Object) | one(level) | sub(tree) | children | exact | regex <attrstyl e> ::= exact | regex | base(Object) | one(level) | sub(tree) | children <peernam estyle> ::= exact | regex | ip | ipv6 | path <domainstyle> ::= exact | regex | b ase(Object) | sub(tree) <access> ::= [[real]self]{<level>|<priv>} <level> ::= no ne|disclose|auth|compare|search|read|{write|add|delete}|manage <priv> ::= {=|+|- }{0|d|x|c|s|r|{w|a|z}|m}+ <control> ::= [ stop | continue | break ] dynacl: <nam e>=ACI <pattern>=<attrname> slapschema: bad configuration file!.
invoke-rc.d: initscript slapd, action "start" failed.
2017-03-06 00:11:12.168245942+01:00 (in joinscript_save_current_version)
Configure 02univention-directory-notifier.inst Mon Mar 6 00:11:12 CET 2017
2017-03-06 00:11:12.182227464+01:00 (in joinscript_init)
Starting Univention Directory Notifier daemon.
warning: univention-directory-notifier: unable to open supervise/ok: file does n ot exist
failed.
2017-03-06 00:11:12.212651295+01:00 (in joinscript_save_current_version)
Configure 03univention-directory-listener.inst Mon Mar 6 00:11:12 CET 2017
2017-03-06 00:11:12.223534322+01:00 (in joinscript_init)
warning: univention-directory-listener: unable to open supervise/ok: file does n ot exist
Create ldap/database/ldbm/dbsync
Multifile: /etc/ldap/slapd.conf
06.03.17 00:11:12.867 DEBUG_INIT
UNIVENTION_DEBUG_BEGIN : uldap.__open host=name.domain.XX port=7389 base=d c=kanzlei,dc=bi
UNIVENTION_DEBUG_END : uldap.__open host=name.domain.XX port=7389 base=d c=kanzlei,dc=bi
06.03.17 00:11:13.632 LISTENER ( WARN ) : handler: replication (not ready ) (ignore)
Restarting ldap server(s).
Stopping ldap server(s): slapd ...done.
Starting ldap server(s): slapd ...done.
06.03.17 00:11:15.680 LISTENER ( WARN ) : handler: faillog (not ready) (i gnore)
06.03.17 00:11:15.681 LISTENER ( WARN ) : Set Schema ID to 15
06.03.17 00:11:15.681 LISTENER ( WARN ) : initializing module replication
File: /var/lib/univention-ldap/ldap/DB_CONFIG
slapd: Kein Prozess gefunden
File: /var/lib/univention-ldap/ldap/DB_CONFIG
Starting ldap server(s): slapd ...done.
Restarting ldap server(s).
Stopping ldap server(s): slapd ...retry #1....done.
Starting ldap server(s): slapd ...done.
06.03.17 00:11:37.700 LISTENER ( ERROR ) : replication: Invalid syntax; dn ="uid=sys-idp-user,cn=users,dc=kanzlei,dc=bi": Error
06.03.17 00:11:37.700 LISTENER ( ERROR ) : additional info: objectC lass: value #6 invalid per syntax
06.03.17 00:11:38.623 LISTENER ( WARN ) : finished initializing module re plication with rv=0
06.03.17 00:11:38.623 LISTENER ( WARN ) : initializing module nagios-clie nt
06.03.17 00:11:38.642 LISTENER ( WARN ) : finished initializing module na gios-client with rv=0
06.03.17 00:11:38.642 LISTENER ( WARN ) : initializing module keytab
kadmin: ext host/name.domain.XX@DOMAIN.XX: Principal does not exist
06.03.17 00:11:38.664 LISTENER ( WARN ) : finished initializing module ke ytab with rv=0
06.03.17 00:11:38.664 LISTENER ( WARN ) : initializing module nfs-shares
06.03.17 00:11:38.674 LISTENER ( WARN ) : finished initializing module nf s-shares with rv=0
06.03.17 00:11:38.674 LISTENER ( WARN ) : initializing module quota
UNIVENTION_DEBUG_BEGIN : uldap.__open host=name.domain.XX port=7389 base=dc =kanzlei,dc=bi
Traceback (most recent call last):
File "/usr/lib/univention-directory-listener/system/quota.py", line 213, in ha ndler
if _is_container_change_relevant(new, old):
File "/usr/lib/univention-directory-listener/system/quota.py", line 139, in _i s_container_change_relevant
lo = _get_ldap_connection()
File "/usr/lib/univention-directory-listener/system/quota.py", line 116, in _g et_ldap_connection
connection = univention.uldap.getMachineConnection(ldap_master=False)
File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 89, in getMachin eConnection
return access(host=ucr['ldap/server/name'], port=port, base=ucr['ldap/base'] , binddn=ucr['ldap/hostdn'], bindpw=bindpw, start_tls=start_tls, decode_ignoreli st=decode_ignorelist, reconnect=reconnect)
File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 150, in __init__
self.__open(ca_certfile)
File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 189, in __open
self.lo.simple_bind_s(self.binddn, self.__encode_pwd(self.bindpw))
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 879, in simpl e_bind_s
res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 860, in _appl y_method_s
return func(self,*args,**kwargs)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 215, in simpl e_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,time out=self.timeout)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 476, in resul t3
resp_ctrl_classes=resp_ctrl_classes
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 483, in resul t4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,ad d_intermediates,add_extop)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap _call
result = func(*args,**kwargs)
ldap.INVALID_CREDENTIALS: {'desc': 'Invalid credentials'}
06.03.17 00:11:38.702 LISTENER ( WARN ) : handler: quota (failed)
UNIVENTION_DEBUG_BEGIN : uldap.__open host=name.domain.XX port=7389 base=dc =kanzlei,dc=bi
UNIVENTION_DEBUG_END : uldap.__open host=name.domain.XX port=7389 base=dc =kanzlei,dc=bi
Traceback (most recent call last):
File "/usr/lib/univention-directory-listener/system/quota.py", line 213, in ha ndler
if _is_container_change_relevant(new, old):
File "/usr/lib/univention-directory-listener/system/quota.py", line 139, in _i s_container_change_relevant
lo = _get_ldap_connection()
File "/usr/lib/univention-directory-listener/system/quota.py", line 116, in _g et_ldap_connection
connection = univention.uldap.getMachineConnection(ldap_master=False)
File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 89, in getMachin eConnection
return access(host=ucr['ldap/server/name'], port=port, base=ucr['ldap/base'] , binddn=ucr['ldap/hostdn'], bindpw=bindpw, start_tls=start_tls, decode_ignoreli st=decode_ignorelist, reconnect=reconnect)
File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 150, in __init__
self.__open(ca_certfile)
File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 189, in __open
self.lo.simple_bind_s(self.binddn, self.__encode_pwd(self.bindpw))
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 879, in simpl e_bind_s
res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 860, in _appl y_method_s
return func(self,*args,**kwargs)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 215, in simpl e_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,time out=self.timeout)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 476, in resul t3
resp_ctrl_classes=resp_ctrl_classes
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 483, in resul t4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,ad d_intermediates,add_extop)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap _call
result = func(*args,**kwargs)
ldap.INVALID_CREDENTIALS: {'desc': 'Invalid credentials'}
06.03.17 00:11:38.712 LISTENER ( WARN ) : handler: quota (failed)
06.03.17 00:11:38.716 LISTENER ( WARN ) : finished initializing module qu ota with rv=0
06.03.17 00:11:38.716 LISTENER ( WARN ) : initializing module pkgdb-watch
06.03.17 00:11:38.728 LISTENER ( WARN ) : finished initializing module pk gdb-watch with rv=0
06.03.17 00:11:38.728 LISTENER ( WARN ) : initializing module gencertific ate
06.03.17 00:11:38.742 LISTENER ( WARN ) : finished initializing module ge ncertificate with rv=0
06.03.17 00:11:38.742 LISTENER ( WARN ) : initializing module ldap_extens ion
06.03.17 00:11:40.895 LISTENER ( WARN ) : finished initializing module ld ap_extension with rv=0
06.03.17 00:11:40.895 LISTENER ( WARN ) : initializing module univention- saml-simplesamlphp-configuration
06.03.17 00:11:41.098 LISTENER ( WARN ) : finished initializing module un ivention-saml-simplesamlphp-configuration with rv=0
06.03.17 00:11:41.098 LISTENER ( WARN ) : initializing module umc-service -providers
06.03.17 00:11:41.479 LISTENER ( WARN ) : finished initializing module um c-service-providers with rv=0
06.03.17 00:11:41.479 LISTENER ( WARN ) : initializing module keytab-memb er
06.03.17 00:11:41.489 LISTENER ( WARN ) : finished initializing module ke ytab-member with rv=0
06.03.17 00:11:41.489 LISTENER ( WARN ) : initializing module license_uui d
06.03.17 00:11:41.746 LISTENER ( WARN ) : finished initializing module li cense_uuid with rv=0
06.03.17 00:11:41.746 LISTENER ( WARN ) : initializing module well-known- sid-name-mapping
06.03.17 00:11:41.810 LISTENER ( PROCESS ) : well-known-sid-name-mapping: uc r set groups/default/printoperators=Printer-Admins
06.03.17 00:11:43.068 LISTENER ( WARN ) : finished initializing module we ll-known-sid-name-mapping with rv=0
06.03.17 00:11:43.068 LISTENER ( WARN ) : initializing module hosteddomai ns
06.03.17 00:11:43.375 LISTENER ( WARN ) : finished initializing module ho steddomains with rv=0
06.03.17 00:11:43.375 LISTENER ( WARN ) : initializing module ldap_server
06.03.17 00:11:44.580 LISTENER ( WARN ) : finished initializing module ld ap_server with rv=0
06.03.17 00:11:44.580 LISTENER ( WARN ) : initializing module udm_extensi on
06.03.17 00:11:45.184 LISTENER ( WARN ) : finished initializing module ud m_extension with rv=0
06.03.17 00:11:45.184 LISTENER ( WARN ) : initializing module faillog
06.03.17 00:11:45.200 LISTENER ( WARN ) : finished initializing module fa illog with rv=0
06.03.17 00:11:45.200 LISTENER ( WARN ) : initializing module univention- saml-servers
06.03.17 00:11:45.726 LISTENER ( WARN ) : finished initializing module un ivention-saml-servers with rv=0
06.03.17 00:11:45.726 LISTENER ( WARN ) : initializing module nfs-homes
06.03.17 00:11:45.734 LISTENER ( WARN ) : finished initializing module nf s-homes with rv=0
06.03.17 00:11:45.734 LISTENER ( WARN ) : initializing module nss
06.03.17 00:11:45.752 LISTENER ( WARN ) : finished initializing module ns s with rv=0
06.03.17 00:11:45.752 LISTENER ( WARN ) : initializing module nscd_update
06.03.17 00:11:45.768 LISTENER ( WARN ) : finished initializing module ns cd_update with rv=0
06.03.17 00:11:45.768 LISTENER ( WARN ) : initializing module bind
06.03.17 00:11:45.781 LISTENER ( WARN ) : finished initializing module bi nd with rv=0
Stopping nagios-nrpe: nagios-nrpe.
Starting nagios-nrpe: nagios-nrpe.
2104
06.03.17 00:11:47.064 LISTENER ( PROCESS ) : ldap_extension: Reloading LDAP server.
Initiating graceful reload of ldap server(s).
Sending HUP to ldap server(s): slapd ...retry #1....retry #2....done.
Starting ldap server(s): slapd ...done.
Found failed.ldif. Importing ...failed.
Please check /var/log/univention/listener.log.
2442
Initiating graceful reload of ldap server(s).
Sending HUP to ldap server(s): slapd ...done.
Starting ldap server(s): slapd ...done.
Found failed.ldif. Importing ...failed.
Please check /var/log/univention/listener.log.
Traceback (most recent call last):
File "/usr/lib/univention-pam/ldap-group-to-file.py", line 109, in <module>
lo = univention.uldap.getMachineConnection( ldap_master=False )
File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 89, in getMachin eConnection
return access(host=ucr['ldap/server/name'], port=port, base=ucr['ldap/base'] , binddn=ucr['ldap/hostdn'], bindpw=bindpw, start_tls=start_tls, decode_ignoreli st=decode_ignorelist, reconnect=reconnect)
File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 150, in __init__
self.__open(ca_certfile)
File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 189, in __open
self.lo.simple_bind_s(self.binddn, self.__encode_pwd(self.bindpw))
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 879, in simpl e_bind_s
res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 860, in _appl y_method_s
return func(self,*args,**kwargs)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 215, in simpl e_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,time out=self.timeout)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 476, in resul t3
resp_ctrl_classes=resp_ctrl_classes
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 483, in resul t4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,ad d_intermediates,add_extop)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap _call
result = func(*args,**kwargs)
ldap.INVALID_CREDENTIALS: {'desc': 'Invalid credentials'}
Multifile: /etc/ldap/slapd.conf
Multifile: /etc/ldap/slapd.conf
Multifile: /etc/ldap/slapd.conf
Multifile: /etc/ldap/slapd.conf
Multifile: /etc/ldap/slapd.conf
Multifile: /etc/ldap/slapd.conf
Create umc/saml/trusted/sp/ucsslave.kanzlei.bi
File: /etc/ldap/sasl2/slapd.conf
Create license/base
Create uuid/license
File: /etc/apt/apt.conf.d/55user_agent
Create groups/default/printoperators
File: /etc/security/access-sudo.conf
Multifile: /etc/ldap/slapd.conf
File: /etc/security/access-ftp.conf
File: /etc/security/access-kscreensaver.conf
File: /etc/security/access-passwd.conf
File: /etc/security/access-su.conf
File: /etc/security/access-chfn.conf
File: /etc/security/access-cron.conf
File: /etc/security/access-kdm.conf
File: /etc/security/access-rsh.conf
File: /etc/security/access-chsh.conf
File: /etc/security/access-kcheckpass.conf
File: /etc/security/access-kde.conf
File: /etc/security/access-ppp.conf
File: /etc/security/access-rlogin.conf
File: /etc/security/access-screen.conf
File: /etc/security/access-login.conf
File: /etc/security/access-gdm.conf
File: /etc/security/access-sshd.conf
File: /etc/security/access-other.conf
File: /etc/security/limits.conf
Create mail/hosteddomains
Module: create-archivefolder
Create ldap/backup
File: /etc/ntp.conf
File: /etc/default/ntpdate
Setting ldap/master
Setting kerberos/adminserver
File: /etc/ntp.conf
File: /etc/krb5.conf
Multifile: /etc/ldap/slapd.conf
File: /etc/default/ntpdate
File: /etc/nagios/nrpe.cfg
Create ucs/server/saml-idp-server/name.domain.XX
File: /etc/stunnel/univention_saml.conf
File: /etc/simplesamlphp/config.php
Setting ldap/database/ldbm/dbsync
Multifile: /etc/ldap/slapd.conf
Restarting ldap server(s).
Stopping ldap server(s): slapd ...done.
Starting ldap server(s): slapd ...done.
Found failed.ldif. Importing ...failed.
Please check /var/log/univention/listener.log.
Starting univention-directory-listener daemon.
done.
2017-03-06 00:12:19.525369678+01:00 (in joinscript_save_current_version)
Mon Mar 6 00:12:19 CET 2017: finish /usr/share/univention-join/univention-join