ucr search --brief connector/ad
gibt folgendes aus:
connector/ad/autostart: yes
connector/ad/ldap/base: DC=zensiert,DC=local
connector/ad/ldap/binddn: a-srv02$
connector/ad/ldap/bindpw: /etc/machine.secret
connector/ad/ldap/host: P-SRV01.zensiert.local
connector/ad/ldap/kerberos: true
connector/ad/ldap/port: 389
connector/ad/ldap/ssl: no
connector/ad/listener/dir: /var/lib/univention-connector/ad
connector/ad/mapping/container/ignorelist: mail,kerberos
connector/ad/mapping/group/grouptype: true
connector/ad/mapping/group/ignorelist: Windows Hosts,DC Slave Hosts,DC Backup Hosts,Authenticated Users,World Authority,Everyone,Null Authority,Nobody,Enterprise Domain Controllers,Computers,Remote Interactive Logon,SChannel Authentication,Digest Authentication,Terminal Server User,NTLM Authentication,Other Organization,This Organization,Anonymous Logon,Network Service,Creator Group,Creator Owner,Local Service,Owner Rights,Interactive,Restricted,Network,Service,Dialup,System,Batch,Proxy,IUSR,Self
connector/ad/mapping/group/language: de
connector/ad/mapping/group/primarymail: true
connector/ad/mapping/group/table/Printer-Admins: Druck-Operatoren
connector/ad/mapping/syncmode: read
connector/ad/mapping/user/ignorelist: krbtgt,root,pcpatch
connector/ad/mapping/user/password/kinit: true
connector/ad/mapping/user/primarymail: true
connector/ad/poll/sleep: 5
connector/ad/retryrejected: 10
P-SRV01 habe ich bereits eingetragen, das ist der funktionierende DC
Wie authentifiziert sich die UCS denn am AC? im binddn sollte laut deinem Link der Benutzer drin stehen Dort steht aber die UCS selbst A-SRV02.