10univention-ldap-server in pending state

theodotos · March 7, 2020, 4:05pm

Hello,

I just finished the installation of UCS Core. It wouldn’t let me login as Administrator so I logged in as root. After I logged in I got these two notifications:

As root you have neither access to the domain administration nor to the App Center. For this you need to log in as Administrator.

and:

Not all installed components have been registered. Please visit the “Domain join” module to register the remaining components.

I tried to registered the remaining components following the advice of the last notification. All the join scripts show state ‘successful’ except ‘10univention-ldap-server’. After ‘Running all pending join scripts’ it is still in pending state and gives this error:

Join error
Some join scripts could not be executed. More details can be found in the log file /var/log/univention/join.log.
Please retry to execute the join scripts after resolving any conflicting issues.

Restart won’t help.

The join log says:

https://pastebin.com/XKcTF01e

Any idea?

SirTux · March 7, 2020, 4:36pm

Seems that the machine password file wasn’t created properly:

/etc/machine.secret: No such file or directory
/etc/machine.secret: No such file or directory
Adding SRV record "ldap tcp 0 100 7389 trodos.example.com." to zone example.com...
done
Adding ZONE record "root@example.com. 1 28800 10800 604800 108001 trodos.example.com." to zone 192.168.66...
Object created: cn=trodos,cn=dc,cn=computers,dc=example,dc=com
Traceback (most recent call last):
File "<stdin>", line 13, in <module>
IOError: [Errno 2] No such file or directory: '/etc/machine.secret'
/etc/idp-ldap-user.secret could not be read!
/etc/idp-ldap-user.secret could not be read!

But I have no idea why.

theodotos · March 8, 2020, 2:05pm

We have used the KVM image because it was easier to deploy on OpenStack. When we tried with the ISO it worked as expected. Thanks SirTux.