10univention-ldap-server in pending state


I just finished the installation of UCS Core. It wouldn’t let me login as Administrator so I logged in as root. After I logged in I got these two notifications:

As root you have neither access to the domain administration nor to the App Center. For this you need to log in as Administrator.


Not all installed components have been registered. Please visit the “Domain join” module to register the remaining components.

I tried to registered the remaining components following the advice of the last notification. All the join scripts show state ‘successful’ except ‘10univention-ldap-server’. After ‘Running all pending join scripts’ it is still in pending state and gives this error:

Join error
Some join scripts could not be executed. More details can be found in the log file /var/log/univention/join.log.
Please retry to execute the join scripts after resolving any conflicting issues.

Restart won’t help.

The join log says:


Any idea?

Seems that the machine password file wasn’t created properly:

/etc/machine.secret: No such file or directory
/etc/machine.secret: No such file or directory
Adding SRV record "ldap tcp 0 100 7389 trodos.example.com." to zone example.com...
Adding ZONE record "root@example.com. 1 28800 10800 604800 108001 trodos.example.com." to zone 192.168.66...
Object created: cn=trodos,cn=dc,cn=computers,dc=example,dc=com
Traceback (most recent call last):
File "<stdin>", line 13, in <module>
IOError: [Errno 2] No such file or directory: '/etc/machine.secret'
/etc/idp-ldap-user.secret could not be read!
/etc/idp-ldap-user.secret could not be read!

But I have no idea why.

We have used the KVM image because it was easier to deploy on OpenStack. When we tried with the ISO it worked as expected. Thanks SirTux.