Hi,
i want to replace my DC-Master by a new one, freshly installed, due to the fact that it is over ~7 years running now. Of course, the DC-Master has a huge history in 7 years …, although actua it only serves as DC-Master until EOL.
Scenario is quite simple (i hope):
DC-Master = ucs (deinstalled: AD DC, Nagios)
DC-Backup = ucsmail (Kopano Mailserver, AD DC, File Server; migrated: Zarafa->Kopano)
DC-Backup2 = ucs2 (fresh installed from ISO)
If i compare the LDAP-schema i see, that on the new installed DC-Backup2 the amavisd-new schema is missing.
root@ucs:~# ls -1 /etc/ldap/schema/*.schema /usr/share/univention-ldap/schema/*.schema | xargs dpkg -S > univention-ldap_schema.txt
root@ucs2:~# scp univention-ldap_schema.txt ucs:~/univention-ldap_schema_ucs2.txt
root@ucs:~# diff univention-ldap_schema*
1d0
< amavisd-new: /etc/ldap/schema/amavis.schema
root@ucs:~#
If now compare the installed dpkg, amavisd-new is deinstalled.
root@ucs:~# dpkg --get-selections \* >> dpkg.selection
root@ucs:~# less dpkg.selection
root@ucs:~# grep amavis dpkg.selection
amavisd-new deinstall
root@ucs:~#
So i assume according to documentation i have to install amavisd-new on the DC-Backup2 before the upgrade to DC-Master. I installed it, and directly deinstalled it again. Now, the schema is also installed.
Fortunately, i took a snapshot of the new DC-Backup2 to perform the upgrade in my VM-Sandbox.
Here, i found a bug in the script, which has problems handling the servernames right.
root@ucs2:~# /usr/lib/univention-ldap/univention-backup2master
univention-backup2master allows the domain controller backup to take over the domain controller master role.
This tool will wait here for 30 seconds...
Press CTRL-c to abort or press ENTER to continue
»lokale Umleitung von /usr/lib/univention-directory-listener/system/replication.py zu /usr/lib/univention-directory-listener/replication.py.divert« wird hinzugefügt
Setting ldap/master
Setting ldap/server/type
Setting server/role
Setting kerberos/adminserver
Setting kerberos/kpasswdserver
Create windows/wins-support
Create ldap/translogfile
File: /etc/default/heimdal-kdc
Multifile: /etc/ldap/slapd.conf
File: /etc/cron.d/univention-system-stats
File: /etc/init.d/slapd
File: /etc/welcome.msg
File: /etc/krb5.conf
File: /usr/share/univention-management-console/meta.json
File: /etc/default/ntpdate
File: /etc/issue
File: /etc/issue.net
File: /usr/share/univention-management-console/modules/setup-certificate.xml
File: /etc/ntp.conf
File: /etc/nagios/nrpe.cfg
File: /etc/runit/univention-directory-notifier/run
Adding SRV record "kerberos-adm tcp 0 100 88 ucs2.friedrichnet.de." to zone friedrichnet.de...
done
modifying entry "cn=ucs2,cn=dc,cn=computers,dc=friedrichnet,dc=de"
Object modified: relativeDomainName=_domaincontroller_master._tcp,zoneName=friedrichnet.de,cn=dns,dc=friedrichnet,dc=de
Object removed: cn=ucs,cn=dc,cn=computers,dc=friedrichnet,dc=de
udm dns/forward_zone (attribute nameserver) contains a reference to ucs.friedrichnet.de. in zoneName=box,cn=dns,dc=friedrichnet,dc=de
Do you want this reference to be changed from
"ucs.friedrichnet.de."
to
"ucs2.friedrichnet.de."
[Y|n]?
Ok, changing nameserver in zoneName=box,cn=dns,dc=friedrichnet,dc=de
Object modified: zoneName=box,cn=dns,dc=friedrichnet,dc=de
Object modified: zoneName=box,cn=dns,dc=friedrichnet,dc=de
udm dns/reverse_zone (attribute nameserver) contains a reference to ucs.friedrichnet.de. in zoneName=4.168.192.in-addr.arpa,cn=dns,dc=friedrichnet,dc=de
Do you want this reference to be changed from
"ucs.friedrichnet.de."
to
"ucs2.friedrichnet.de."
[Y|n]?
Ok, changing nameserver in zoneName=4.168.192.in-addr.arpa,cn=dns,dc=friedrichnet,dc=de
Object modified: zoneName=4.168.192.in-addr.arpa,cn=dns,dc=friedrichnet,dc=de
Object modified: zoneName=4.168.192.in-addr.arpa,cn=dns,dc=friedrichnet,dc=de
udm dns/reverse_zone (attribute nameserver) contains a reference to ucs.friedrichnet.de. in zoneName=3.168.192.in-addr.arpa,cn=dns,dc=friedrichnet,dc=de
Do you want this reference to be changed from
"ucs.friedrichnet.de."
to
"ucs2.friedrichnet.de."
[Y|n]?
Ok, changing nameserver in zoneName=3.168.192.in-addr.arpa,cn=dns,dc=friedrichnet,dc=de
Object modified: zoneName=3.168.192.in-addr.arpa,cn=dns,dc=friedrichnet,dc=de
Object modified: zoneName=3.168.192.in-addr.arpa,cn=dns,dc=friedrichnet,dc=de
univention-run-join-scripts: runs all join scripts existing on local computer.
copyright (c) 2001-2019 Univention GmbH, Germany
Running pre-joinscripts hook(s): done
Running 01univention-ldap-server-init.inst skipped (already executed)
Running 02univention-directory-notifier.inst skipped (already executed)
Running 03univention-directory-listener.inst skipped (already executed)
Running 04univention-ldap-client.inst skipped (already executed)
Running 05univention-bind.inst skipped (already executed)
Running 08univention-apache.inst skipped (already executed)
Running 10univention-ldap-server.inst skipped (already executed)
Running 11univention-heimdal-init.inst skipped (already executed)
Running 11univention-pam.inst skipped (already executed)
Running 15univention-directory-notifier-post.inst skipped (already executed)
Running 15univention-heimdal-kdc.inst skipped (already executed)
Running 18python-univention-directory-manager.inst skipped (already executed)
Running 20univention-directory-policy.inst skipped (already executed)
Running 20univention-join.inst skipped (already executed)
Running 22univention-directory-manager-rest.inst skipped (already executed)
Running 25univention-dhcp.inst skipped (already executed)
Running 26univention-nagios-common.inst skipped (already executed)
Running 30univention-appcenter.inst skipped (already executed)
Running 30univention-nagios-client.inst skipped (already executed)
Running 33univention-portal.inst skipped (already executed)
Running 34univention-management-console-server.inst skipped (already executed)
Running 35univention-appcenter-docker.inst skipped (already executed)
Running 35univention-management-console-module-appcenter.inskipped (already executed)
Running 35univention-management-console-module-diagnostic.iskipped (already executed)
Running 35univention-management-console-module-ipchange.insskipped (already executed)
Running 35univention-management-console-module-join.inst skipped (already executed)
Running 35univention-management-console-module-lib.inst skipped (already executed)
Running 35univention-management-console-module-mrtg.inst skipped (already executed)
Running 35univention-management-console-module-quota.inst skipped (already executed)
Running 35univention-management-console-module-reboot.inst skipped (already executed)
Running 35univention-management-console-module-services.insskipped (already executed)
Running 35univention-management-console-module-setup.inst skipped (already executed)
Running 35univention-management-console-module-sysinfo.instskipped (already executed)
Running 35univention-management-console-module-top.inst skipped (already executed)
Running 35univention-management-console-module-ucr.inst skipped (already executed)
Running 35univention-management-console-module-udm.inst skipped (already executed)
Running 35univention-management-console-module-updater.instskipped (already executed)
Running 35univention-server-overview.inst skipped (already executed)
Running 36univention-management-console-module-apps.inst skipped (already executed)
Running 40univention-virtual-machine-manager-schema.inst skipped (already executed)
Running 81univention-nfs-server.inst skipped (already executed)
Running 90univention-bind-post.inst skipped (already executed)
Running 91univention-saml.inst skipped (already executed)
Running 92univention-management-console-web-server.inst skipped (already executed)
Running 98univention-pkgdb-tools.inst skipped (already executed)
Running post-joinscripts hook(s): done
udm shares/share (attribute host) contains a reference to ucs in cn=Temp,cn=ucs.friedrichnet.de,cn=shares,dc=friedrichnet,dc=de
Do you want this reference to be changed from
"ucs.friedrichnet.de"
to
"ucs2.friedrichnet.de"
[Y|n|remove]?
r
[Y|n|remove]?
Ok, changing host in cn=Temp,cn=ucs.friedrichnet.de,cn=shares,dc=friedrichnet,dc=de
Object modified: cn=Temp,cn=ucs.friedrichnet.de,cn=shares,dc=friedrichnet,dc=de
udm shares/share (attribute host) contains a reference to ucs in cn=Temp,cn=ucs.friedrichnet.de,cn=shares,dc=friedrichnet,dc=de
Do you want this reference to be changed from
"ucs2.friedrichnet.de"
to
"ucs22.friedrichnet.de"
[Y|n|remove]?
Ok, changing host in cn=Temp,cn=ucs.friedrichnet.de,cn=shares,dc=friedrichnet,dc=de
Object modified: cn=Temp,cn=ucs.friedrichnet.de,cn=shares,dc=friedrichnet,dc=de
udm shares/share (attribute host) contains a reference to ucs in cn=Temp,cn=ucs.friedrichnet.de,cn=shares,dc=friedrichnet,dc=de
Do you want this reference to be changed from
"ucs22.friedrichnet.de"
to
"ucs222.friedrichnet.de"
[Y|n|remove]?
The script can’t handle my servername ucs2 which replaces the former ucs, it is in a LOOP adding always a 2 to the hostname.
Same occurs later on with the other DC-Backup named ucsmail
udm shares/share (attribute host) contains a reference to ucs in cn=Temp,cn=ucsmail.friedrichnet.de,cn=shares,dc=friedrichnet,dc=de
Do you want this reference to be changed from
"ucsmail.friedrichnet.de"
to
"ucs2mail.friedrichnet.de"
[Y|n|remove]?
remove
Ok, removing
Object removed: cn=Temp,cn=ucsmail.friedrichnet.de,cn=shares,dc=friedrichnet,dc=de
udm shares/share (attribute host) contains a reference to ucs in cn=Musik,cn=ucsmail.friedrichnet.de,cn=shares,dc=friedrichnet,dc=de
Do you want this reference to be changed from
"ucsmail.friedrichnet.de"
to
"ucs2mail.friedrichnet.de"
[Y|n|remove]?
remove
Ok, removing
There is no host named ucs2mail which makes sense to replace the share on the ucsmail server.
My new server is ucs2 (which replaces ucs) and ucsmail (untouched) as the actual File Server as AD DC.
Conclusion: Probaly, there is a ‘replace’ Bug within a loop in the script, which says:
Loop: search for ‘ucs’ and replace with ‘ucs2’
better:
Loop: search for ‘ucs.’ and replace with ‘ucs2.’
or use the FQDN.