DNS on a UCS Backup server

Hi all,

I have the following setup:
a new UCS domain with:
UCS-Master, with LDAP & DNS (called 'officedomain.lcl')
UCS-Backup, also with LDAP & DNS

On both systems I can go to the web interface, click on Domain -> DNS and see all the hosts I added to officedomain.lcl.
When I use the UCS-Master as a DNS server I can resolve all the hosts in the lcl domain. When I use the UCS-Backup server as DNS server I cannot resolve hosts in the lcl domain, but I can resolve any other hostname (i.e. yahoo.com, google.com, etc.).

When using the web interface on the UCS-Backup server I can browse the LDAP & DNS. Does this mean the replication is working, or is it querying the master server?

What should I check to resolve my DNS issues? I would like to use the UCS-Backup server to also resolve our .lcl domain just like the master server does.

I found this in the listener.log:

Could not write to transaction file /var/lib/univention-ldap/listener/listener. Check for /var/lib/univention-directory-replication/failed.ldif

I checked the LDIF and the accounts in the failed.ldif appear to be present on the backup server. I removed the failed.ldif, restarted the listener and issued a retransfer of the DNS domain with: rndc transfer officedomain.lcl

The files in /var/cache/bind are now updated and resolving all the local machines now seems to work.

If everything else fails you can also re-join the backup server into the domain with the »univention-join« command. That way the backup server will re-read the content of the whole LDAP directory.
