I have two system diagnostic errors on a UCS 4.4.1 (Master with Active Directory connection):
"Critical: Verification Kerberos authenticated DNS updates"
Errors occurred when executing `kinit` or `nsupdate`.
`nsupdate` Check for the domain stedry.local failed (tux.stedry.local).
`kinit` for the principal dns-tux with the password table /var/lib/samba/private/dns.keytab failed.
and:
"Problem: Check of SAML certificates failed!
Traceback (most recent call last):
File "/usr/lib/pymodules/python2.7/univention/management/console/modules/diagnostic/__init__.py", line 275, in execute
result = execute(umc_module, **kwargs)
File "/usr/lib/pymodules/python2.7/univention/management/console/modules/diagnostic/plugins/04_saml_certificate_check.py", line 76, in run
test_identity_provider_certificate()
File "/usr/lib/pymodules/python2.7/univention/management/console/modules/diagnostic/plugins/04_saml_certificate_check.py", line 89, in test_identity_provider_certificate
for host in socket.gethostbyname_ex(sso_fqdn)[2]:
gaierror: [Errno -2] The name or service is not known
dig @stedry.local
root@tux:~# dig @stedry.local
; <<>> DiG 9.10.3-P4-Univention <<>> @stedry.local
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21642
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 27
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 4220 IN NS m.root-servers.net.
. 4220 IN NS b.root-servers.net.
. 4220 IN NS c.root-servers.net.
. 4220 IN NS d.root-servers.net.
. 4220 IN NS e.root-servers.net.
. 4220 IN NS f.root-servers.net.
. 4220 IN NS g.root-servers.net.
. 4220 IN NS h.root-servers.net.
. 4220 IN NS a.root-servers.net.
. 4220 IN NS i.root-servers.net.
. 4220 IN NS j.root-servers.net.
. 4220 IN NS k.root-servers.net.
. 4220 IN NS l.root-servers.net.
;; ADDITIONAL SECTION:
m.root-servers.net. 5292 IN A 202.12.27.33
m.root-servers.net. 5292 IN AAAA 2001:dc3::35
b.root-servers.net. 5292 IN A 199.9.14.201
b.root-servers.net. 5292 IN AAAA 2001:500:200::b
c.root-servers.net. 6490 IN A 192.33.4.12
c.root-servers.net. 5292 IN AAAA 2001:500:2::c
d.root-servers.net. 5292 IN A 199.7.91.13
d.root-servers.net. 5292 IN AAAA 2001:500:2d::d
e.root-servers.net. 5292 IN A 192.203.230.10
e.root-servers.net. 5292 IN AAAA 2001:500:a8::e
f.root-servers.net. 5292 IN A 192.5.5.241
f.root-servers.net. 5292 IN AAAA 2001:500:2f::f
g.root-servers.net. 4695 IN A 192.112.36.4
g.root-servers.net. 4690 IN AAAA 2001:500:12::d0d
h.root-servers.net. 5292 IN A 198.97.190.53
h.root-servers.net. 5292 IN AAAA 2001:500:1::53
a.root-servers.net. 4210 IN A 198.41.0.4
a.root-servers.net. 5882 IN AAAA 2001:503:ba3e::2:30
i.root-servers.net. 5292 IN A 192.36.148.17
i.root-servers.net. 5292 IN AAAA 2001:7fe::53
j.root-servers.net. 5292 IN A 192.58.128.30
j.root-servers.net. 5292 IN AAAA 2001:503:c27::2:30
k.root-servers.net. 5292 IN A 193.0.14.129
k.root-servers.net. 5292 IN AAAA 2001:7fd::1
l.root-servers.net. 5292 IN A 199.7.83.42
l.root-servers.net. 5292 IN AAAA 2001:500:9f::42
;; Query time: 22 msec
;; SERVER: 192.168.1.22#53(192.168.1.22)
;; WHEN: Wed Jul 31 11:16:11 CEST 2019
;; MSG SIZE rcvd: 824