Can't login after migrating VM to Google Cloud


#1

Hi,

I had to move my server host and have to shift to Google Cloud. I managed to migrate and run the VM. However, I am unable to login into the portal. It takes me to the login page and after I key in the details and press login, it takes about a minute to show me the following error:

Notification

An unknown error with status code 524 occurred while connecting to the server, please try again later.

OK

I tried to look for the log at cat management-console-web-server.log and there I see the following error:

05.07.19 17:27:20.235 MAIN ( PROCESS ) : SessionClient(0x7f6354943150): _authenticated: success=False status=401 message=The authentication has failed, please login again.
05.07.19 17:27:20.236 MAIN ( PROCESS ) : CPAuth (162.158.59.141:52220) response status code: 401
05.07.19 17:27:20.236 MAIN ( PROCESS ) : CPAuth (162.158.59.141:52220) response message: The authentication has failed, please login again.
05.07.19 17:27:20.236 MAIN ( PROCESS ) : CPAuth (162.158.59.141:52220) response result: {}

Could someone help me in resolving it?

The migrated VM has the same time as the source and the UCS version is 4.4-0 errata175

Best rgds,
AJ


#2

Update: I downloaded the qcow2 file from the original server and ran on virtualbox on my computer.

I am still not able to login. It will be great to have some help on this. Both the VMs have the same time displayed.


#4

Hi all, it will be a great help if someone can give some pointers on how to resolve this issue.

Thanks,


#5

[SOLVED]

Hi all, I finally managed to resolve it so posting it here for others.

I went through all the logs in folder /var/log/univention and noticed in particular that the log of listener.log had errors “( ERROR ) : start_tls: Can’t contact LDAP server” for connecting to the ldap server .

Since the server is being the firewall and even for it’s internal ldap service using FQDN, it was apparent that it is not using its own (or new IP).

The fix is that one need to edit /etc/hosts and change the IP address for the hostname to the new IP address.

In nutshell, while migrating, please make sure that the IP address for the hostname should be updated as well.

I managed to resolve it no


#6

Do not edit /etc/hosts manually. It’s generated automatically from a template and the data stored in the Univention config registry. Instead use the ucr command-line tool (or the corresponding section in the web management console) to look for host entries:

ucr search --brief hosts/static/

Then change the affected entries with e.g.

ucr set hosts/static/new.ip.add.ress=yourname
ucr unset hosts/static/old.ip.add.ress

If you don’t change your UCR variables, your manual changes to /etc/hosts at a later date, e.g. during system updates, and your “fixes” will be lost.


#7

Thanks Moritz. I’ll do it and update it.

While installing apps through app center, I noticed errors so I’m amending this reply for others on how to resolve it.

  1. Apart from the host values, you should also edit the nameserver1 reading as it will point to the old IP address (Univention Join schlägt fehl). This could be done via univention portal by searching DNS. I also edited ethernet card info for future use.

  2. Second time I got a new error such as “Unable to negotiate with 192.168.1.2 port 22: no matching key exchange method found. Their offer:…” I was unable to find a solution here it seemed liked it was because of old openssh sever format (https://networkforbeginners.com/no-matching-key-exchange-method-found/). I took a drastic measure (ofcourse, made a backup first) to remove the openssh server and remove the dependency by:

apt-get remove openssh-server
apt-get auto remove

And then reinstalling in by

apt-get install openssh-server

The ssh error went away and I successfully installed the app from the appcenter.