Again: univention-s4connector-list-rejected


#1

Hi,
Version UCS 4.2.2 errrata 189, 1x DC-Master and 1x DC-Slave.

I have after upgrade (don’t know if relevant) following S4 Reject:

root@ucs:~# univention-s4connector-list-rejected

UCS rejected

1:   UCS DN: zoneName=friedrichnet.de,cn=dns,dc=friedrichnet,dc=de
      S4 DN: dc=@,dc=friedrichnet.de,cn=microsoftdns,cn=system,DC=friedrichnet,DC=de
     Filename: /var/lib/univention-connector/s4/1506865492.572968

S4 rejected

1:    S4 DN: DC=@,DC=friedrichnet.de,CN=MicrosoftDNS,CN=System,DC=friedrichnet,DC=de
     UCS DN: zonename=friedrichnet.de,cn=dns,dc=friedrichnet,dc=de

    last synced USN: 37814

/var/log/univention/s4-connector-log:

03.10.2017 20:19:15,928 LDAP (PROCESS): sync from ucs: Resync rejected file: /var/lib/univention-connector/s4/1506865492.572968
03.10.2017 20:19:15,930 LDAP (PROCESS): sync from ucs: [ dns] [ modify] dc=@,dc=friedrichnet.de,cn=microsoftdns,cn=system,DC=friedrichn
et,DC=de
03.10.2017 20:19:15,937 LDAP (WARNING): sync failed, saved as rejected
/var/lib/univention-connector/s4/1506865492.572968
03.10.2017 20:19:15,937 LDAP (WARNING): Traceback (most recent call last):
File “/usr/lib/pymodules/python2.7/univention/s4connector/init.py”, line 897, in __sync_file_from_ucs
if ((old_dn and not self.sync_from_ucs(key, object, premapped_ucs_dn, unicode(old_dn, ‘utf8’), old, new)) or (not old_dn and not self.sync_from_ucs(key
, object, premapped_ucs_dn, old_dn, old, new))):
File “/usr/lib/pymodules/python2.7/univention/s4connector/s4/init.py”, line 2588, in sync_from_ucs
self.property[property_type].con_sync_function(self, property_type, object)
File “/usr/lib/pymodules/python2.7/univention/s4connector/s4/dns.py”, line 1583, in ucs2con
s4_zone_create_wrapper(s4connector, object)
File “/usr/lib/pymodules/python2.7/univention/s4connector/s4/dns.py”, line 859, in s4_zone_create_wrapper
result = s4_zone_create(s4connector, object)
File “/usr/lib/pymodules/python2.7/univention/s4connector/s4/dns.py”, line 801, in s4_zone_create
s4connector.lo_s4.modify(soa_dn, [(‘dnsRecord’, old_dnsRecords, dnsRecords)])
File “/usr/lib/pymodules/python2.7/univention/uldap.py”, line 475, in modify
self.modify_ext_s(dn, ml, serverctrls=serverctrls, response=response)
File “/usr/lib/pymodules/python2.7/univention/uldap.py”, line 516, in modify_ext_s
rtype, rdata, rmsgid, resp_ctrls = self.lo.result3(msgid)
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 476, in result3
resp_ctrl_classes=resp_ctrl_classes
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 483, in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 106, in _ldap_call
result = func(*args,**kwargs)
TYPE_OR_VALUE_EXISTS: {‘info’: “attribute ‘dnsRecord’: value #1 on ‘DC=@,DC=friedrichnet.de,CN=MicrosoftDNS,CN=System,DC=friedrichnet,DC=de’ provided more than once”, ‘desc’: ‘Type or value exists’}

03.10.2017 20:19:15,937 LDAP (PROCESS): sync to ucs: Resync rejected dn: DC=@,DC=friedrichnet.de,CN=MicrosoftDNS,CN=System,DC=friedrichnet,DC=de
03.10.2017 20:19:15,939 LDAP (PROCESS): sync to ucs: [ dns] [ modify] zonename=friedrichnet.de,cn=dns,dc=friedrichnet,dc=de
03.10.2017 20:19:15,941 LDAP (ERROR ): Unknown Exception during sync_to_ucs
03.10.2017 20:19:15,941 LDAP (ERROR ): Traceback (most recent call last):
File “/usr/lib/pymodules/python2.7/univention/s4connector/init.py”, line 1563, in sync_to_ucs
result = self.property[property_type].ucs_sync_function(self, property_type, object)
File “/usr/lib/pymodules/python2.7/univention/s4connector/s4/dns.py”, line 1682, in con2ucs
ucs_zone_create(s4connector, object, dns_type)
File “/usr/lib/pymodules/python2.7/univention/s4connector/s4/dns.py”, line 1436, in ucs_zone_create
zone.modify()
File “/usr/lib/pymodules/python2.7/univention/admin/handlers/init.py”, line 347, in modify
dn = self._modify(modify_childs, ignore_license=ignore_license, response=response)
File “/usr/lib/pymodules/python2.7/univention/admin/handlers/init.py”, line 857, in _modify
self.lo.modify(self.dn, ml, ignore_license=ignore_license, serverctrls=serverctrls, response=response)
File “/usr/lib/pymodules/python2.7/univention/admin/uldap.py”, line 505, in modify
raise univention.admin.uexceptions.ldapError(_err2str(msg), original_exception=msg)
ldapError: Type or value exists: nSRecord: value #0 provided more than once

Do we have a Problem with Upper/Lower Case, how to solve this (MicrosoftDNS is not an object i will touch :wink:

Regards
Neobiker


S4-Connector Probleme
#2

Hallo,

this could be a typo or a wrong name as nsRecord.
Could you provide the output of the following command:

univention-ldapsearch zoneName=friedrichnet.de  |grep nSRecord

#3

root@ucs:~# univention-ldapsearch zoneName=friedrichnet.de |grep nSRecord
nSRecord: ucs
nSRecord: ucs.
root@ucs:~#


#4

Hi,

thank you. I think on the one hand the entry without the point at the end is wrong, on the the other hand the FQDN has to be used here.
In my testenvironment the output looks as follows:

root@ucs-master:~# univention-ldapsearch zoneName=sunshine.local |grep nSRecord
nSRecord: ucs-master.sunshine.local.
nSRecord: ucs-slave.sunshine.local.

You can easily change the value in the DNS Modul in the UMC to ucs.friedrichnet.de.


#5

Thank you.
I changed that now, interesting that it pops up right now (after even years i think).
Regards
Neobiker


#6

You are welcome.
Have you checked that the reject is gone and everything works fine? Maybe you have to clear the rejects manually.


#7

For the time being it Looks:

root@ucs:~# univention-s4connector-list-rejected
     UCS rejected

1:   UCS DN: zoneName=friedrichnet.de,cn=dns,dc=friedrichnet,dc=de
      S4 DN: dc=@,dc=friedrichnet.de,cn=microsoftdns,cn=system,DC=friedrichnet,DC=de
     Filename: /var/lib/univention-connector/s4/1506865492.572968

S4 rejected

last synced USN: 37865

I think i have to remove the remaining reject tomorrow…


#8

Hello,

the reject on samba4 side is gone. And i think you are right, you have to delete the reject and trigger a resync.
How to do this is described in this article:
https://help.univention.com/t/how-to-deal-with-s4-connector-rejects/33


#9

Yes you’re right, i did this an hour ago. It should be ok now.
Thanks for your Support.

root@ucs:~# univention-s4connector-list-rejected

UCS rejected

    1:   UCS DN: zoneName=friedrichnet.de,cn=dns,dc=friedrichnet,dc=de
          S4 DN: dc=@,dc=friedrichnet.de,cn=microsoftdns,cn=system,DC=friedrichnet,DC=de
         Filename: /var/lib/univention-connector/s4/1506865492.572968


S4 rejected


        last synced USN: 37874
root@ucs:~# /usr/share/univention-s4-connector/remove_ucs_rejected.py "zoneName=friedrichnet.de,cn=dns,dc=friedrichnet,dc=de"
The rejected UCS object zoneName=friedrichnet.de,cn=dns,dc=friedrichnet,dc=de has been removed.
root@ucs:~# rm /var/lib/univention-connector/s4/1506865492.572968
rm: das Entfernen von „/var/lib/univention-connector/s4/1506865492.572968“ ist nicht möglich: Datei oder Verzeichnis nicht gefunden

root@ucs:~# service univention-s4-connector restart
root@ucs:~# univention-s4connector-list-rejected

UCS rejected


S4 rejected


There may be no rejected DNs if the connector is in progress, to be
sure stop the connector before running this script.


        last synced USN: 37876
root@ucs:~#