Cannot Login using Administrator

ad-connection

#1

I have downloaded the latest ISO and installed it using the following options:

  1. Setup static (or DHCP) IP address
  2. Used valid gateway
  3. Used DNS address pointing to Windows Server 2016 domain controller
  4. Used option “2” to join an existing Active Directory domain
  5. Selected option “1” to make the system a Domain Backup Controller
  6. Provided logon information to existing domain

The installer spent a lot of time configuring the system, but ultimately it fails with pinging ucs.<my_domain>.com which is quite weird because I named the UCS as ucs1.<my_domain>.com. Oddly enough the URL further down shows the correct information. The existing domain controller is at .<my_domain>.com.

On that screen, I have two options. I can finish or I can try reconfigure. I actually installed the system twice and found that reconfigure jumps back in the script, but then it fails early on with an error message that doesn’t provide any further information.

If I choose finish, the installer executes some scripts and then completes the installation.

Regardless of what I do, I can never login from the web console using the Administrator user. Root is working, but it doesn’t really offer any configuration options.

The same is true using the command console. I can easily login using root, but when I try to change the password for the Administrator using passwd Administrator, the system tells me that this user doesn’t exist.

The actual error message on the web ui is “The authentication has failed, please login again.”

As a last resort, I have even tried another system, but the results remains the same.

Why do I not have the Administrator user? How can I fix it?

My goal is to setup Univention as a backup domain controller connecting to an existing Windows Server 2016 domain controller. If things go well, I would like to get rid off the Windows server in the future.

Any help is appreciated!


#2

I think you ran into a known bug in UCS. i guess this was not the first time a UCS was joined into the AD domain. A thread in this forum has more information, but it is in German.

Basically, you have to remove every occurrence of the previous UCS system from your AD DNS settings, especially the _domaincontroller_master._tcp record, and rejoin the domain.


#3

I have the same problem .


#4

@ali.es: Hi and welcome to Univention Help. Do the steps described by @damrose above solve your problem?


#5

Thanks. I got this sorted, but then Univention stopped working altogether after an upgrade… I will open a separate thread for that!