Domain join tool fails on ubuntu 20.04

UCS - Univention Corporate Server
, ,
#1

Hi,

i have a problem with the domain join tool to join ubuntu machines into my server.
Ive got different ubuntu machines i like to join, they are somewhat vanilla Ubuntu 20.04.2 LTS.

On the first machine i have to check the “Set UCS DC as DNS Server” and it wokred like a charm.
However, on the next machine the tool started to fail "The domain join failed The UCS master name [MY NAME] could not be resolved.
Could someone help me about this ? Probably something in the DNS/network manager.

Best regards

Ucs5 join dns error
#2

i would check that the client is clearly using the correct domain name resolver.
sometimes the ubuntu internal tools “put it back” to the old version.
then check you are infact using the correct domain/commands.

1 Like
#3

Thank you.

Not sure where to check. But when I go to the settings of the current WiFi connection - ipv4 - the DNS value is my univention server. Is that the right location to check?

#4

if only…
you may need to drop down into your terminal…
because it is possible for the linux to have other resolvers in the resolver file.
the wifi just says “these are the resolvers i provided”

go check out

$ cat /etc/resolv.conf

and the dreaded “network manager” in settings…
also ensure you only have a wifi connection not ethernet as well

1 Like
#5

Thank you soo much for helping me out!

resolv.conf shows three entry’s.

nameserver with an IP 127.0.0.53 [<- so it’s local host?]
Options edns0 trust-ad
Search [my rooters login domain] [The ucs.intranet domain]

The WiFi settings list my univention server IP as DNS.

Edit: the settings and the file are matching with the working machine.
Maybe I miss something of network manager software.

#6

be careful…

that 127.x.x.x.x setting is like a dummy proxy that points to the other DNS resolvers.
that might still be hidden some place.
have a look in network settings in the GUI, under network manager

1 Like
#7

Hi,

which network manager settings do I need to check.

This one ?

(The blue area is the UC’s IP)IMG_20220512_121210

Edit:
I also checked if $ nmcli is known, because I saw other threads asking me to check. nmcli is installed.

#8

Any ideas? Iam still stuck here

#9

Sorry… i was off line for some time.
have you also checked the interface configs?

nano /etc/netplan/00-installer-config.yaml

or other files in “netplan”

1 Like
#10

Thank you.

I have checked the netplan dir on both machines (the one that successfully joined and the one that not) and i have just one file in the dir, which is 01-network-manager-all.yaml

$ cat /etc/netplan/01-network-manager-all.yaml 
# Let NetworkManager manage all devices on this system
network:
  version: 2
  renderer: NetworkManager
#11

I’m At a loss then.

this sort of thing can only be resolved by hands on.

1 Like
#12

Thank you.
Are there any informations what should be there?
Maybe i can find someone irl to help if i understand what causes the problem.

#13

it means the name you used CANNOT be resolved.

  1. you go the name wrong.
    Or
  2. your PRIMARY DNS in NOT pointing at the AD server
    or
    something else
1 Like
#14

Thank you for your replies.

The only solution I could achieve was to freshly install ubuntu 20.04 LTS and use the domain join tool with the check box to force the DNS.

Ubuntu 22.04 LTS does not work. The join does not succeed, which is sad.

However, i currently struggle to mount shares for roaming profiles.
(And iam not able to mount shares regardless)

#15

Hi,
at least for ubuntu 20.04 LTS I found this solution:

After installing the univention_domain-join package on the client edit the file
/usr/lib/python3/dist-packages/univention_domain_join/utils/general.py

and change in line 50 addr to name

socket.gethostbyaddr(name)

to

socket.gethostbyname(name)

#16

I just learned that this is not the right way to fix the problem. Rather, what needs to be fixed is the cause of the name resolution not working both ways, DNS and rDNS.
In my case, there was a missing PTR entry for the PDN (=DC) in the corresponding reverse lookup zone. This can be added in the UMC GUI under Domain–>DNS or on the command line as described here
Upgrade working version 4.4 to 5 - DNS zones found no host record for nameserver

#17

See Bug#52726 for the analysis and why both get-host-by-{name,addr}() are “wrong”. Also has a patch.

#18

@pmhahn So the fix is to change line 50 of
`/usr/lib/python3/dist-packages/univention_domain_join/utils/general.py

`to:

socket.getaddrinfo(fqhn, 22, socket.AF_UNSPEC, socket.SOCK_STREAM, socket.IPPROTO_TCP)

Correct?

#19

More or less yes, except that you also need to handle the case, that getaddrinfo() returns nothing, which needs to be translated to the function returning False:

diff --git univention_domain_join/utils/general.py univention_domain_join/utils/general.py
index 46c4bad..4969daa 100644
--- univention_domain_join/utils/general.py
+++ univention_domain_join/utils/general.py
@@ -47,7 +47,6 @@ def execute_as_root(func):
 
 def name_is_resolvable(name):
        try:
-               socket.gethostbyaddr(name)
-               return True
+               return bool(socket.getaddrinfo(name, 22, socket.AF_UNSPEC, socket.SOCK_STREAM, socket.IPPROTO_TCP))
        except Exception:
                return False

And before someone asks: I already created an internal pull/merge-request, which is still stuck in our queue; sadly I have no ETA when it will be fixed.

1 Like
#20

Hi,

ive checked the updated version of the join script with ubuntu 22.04, which shall be supported but “BOOM joine failed”
in order to keep this topic clean, i started a new one as its 22,04. Hopefully, we can solve this soon.

Mastodon