Error joining UCS Domain as slave DC

UCS - Univention Corporate Server
#1

HI,
I have set up a UCS Primar DC and need to set up a UCS slave DC.
My problem is that the configuration of the Slave DC configuration is stuck on “Domain setup (this might take a while)” and below the progressbar it say’s “Preparing domain join”.
I have no way to check any logs since I cannot get to a console.
How can I find information on what is wrong?
It is has been stuck for a couple of hours now.

I can se that the DC Slave is registered in the Master DC.

Using current VM image and both servers are hosted on the same ESXi host.

Need assistance

Regards
Bengt

#2

Hello and welcome,

Hangs while joining are most often DNS related. While it is not strictly required/enforced, it is a good habit to always manually enter the first DNS server (the IP of your DC Master) and to always enter the fully-qualified hostname (hostname with domain) when you’re asked to choose the host name of the system to be installed.

Another common cause of confusion can be the presence of multipe DHCP hosts in your network. The Univention Installer will try to get its first network configuration by DHCP. This will only succeed if your DC Master is the only host advertising DHCP. A ridiculous way to avoid that would be to disconnect the network until you’re forced to enter the network configuration manually.

While the installer is running you can always switch between the different console screens by hitting Ctrl-Alt-Fn where n is a number from 1 to 9. In the UCS installer, the consoles are used this way: [1] for the system start messages, [2] [3] for you to do something, [4] for a scrolling log of what the installer is doing, [5] for the graphical console.

So you could switch to console #2, press [Enter] to activate it. The system to be installed is mounted at /target, and therein you’ll find log files in var/log. Mostly interesting while the Univention Installer is running are the logs in the ‘univention’ subdirectory. To watch the join process you would watch the ‘join.log’ file:

~ # cd /target/var/log/univention
/target/var/log/univention # tail -f join.log

To page through the whole join.log file you would enter

/target/var/log/univention # more join.log

page forward with the space bar, or press the ‘q’ key to quit the viewer.

Hope that helps as a starting point.

Regards,
Frank Greif.

#3

Thanks that was helpful.
I removed the VM instance and are now creating a new UCS in a different domain. And will try to join later

Regards Bengt-Åke

#4

Hi,
Tried to follow your advice.
I found the join.log and found that it stuck on following lines

  • Could not chdir to home directory /dev/null: Not a directory
  • scp: /etc/univention/ssl/host.domain.tld: Nu such file or directory

Switching between consoles terminated the configuration GUI for some reason.

Is there a way to restart the configuration script?
Any suggestion on how to proceed?

Regards
Bengt-Åke

#5

Hi,

I would guess the configuration GUI was not really terminated, you should get back there by pressing Ctrl-Alt-F5.

The message ‘cannot chdir to /dev/null’ appears even on a successfully-joined slave system, this is probably not causing problems.

The other message is more interesting: I’d like to know which module of the join process caused it. You find it by searching through the join log and find the most recent line reading similar to

Configure 03univention-directory-listener.inst Mon Sep  8 12:38:07 CEST 2014

before the actual error message. If there’s no such line before the error then I’d need at least some more lines of the actual error context.

If the join process hangs you have no chance but to start the installation from scratch. But if you don’t tick the ‘join system at end of installation’ box then the installation will have a chance to succeed. Afterwards you can log in as root on your new system, and call

univention-join

and if it fails you don’t have to repeat the whole installation. univention-join can safely be repeated.

Regards,
Frank Greif.

#6

Hi again,
The management console is stuck on Domain join/Check TLS connection
The last line without error in join.log is
File:/etc/pam.d/dovecot
I have no line starting with configuration:

all above lines is referencing postfix and dovecot

Its a standard installation from the VM image with mailserver

Regards Bengt-Åke

#7

Hi again,
Problem solved
There are two folders missing, I manually created these folders:
/etc/univention/ssl/host and /etc/univention/ssl/host.domain.tld
The script continued instantly and completed once the folders were in place.

I assume that the univention-join script should have taken care of this.

Anyway it’s now working. Many thanks for taking your time to assist me.

Regards

Bengt-Åke

#8

Hi again

It turned out that I was wrong!
The folder that I was creating (/etc/univention/sl/host.domain.tld) is beeing renamed by the system to something like (/etc/univention/ssl_151024217)
As sone as I run univention-join are the folders gone.

I am lost here

Regards Bengt-Åke

#9

Hi,

did you ever try to create a new VM and install from ISO?

Best Regards,
Dirk

#10

Yes I did multiple time without success.
Suddenly after a week or so it just started to work and now it functions correctly.
Did the same thing every time. I guess some service never started correctly on the primare domain controller i.e. created the necessary folders hence the stuck join script.

Still have to go thru all logs to find the error.
Is there anything published about the Univention architecture or do I have to find out for my self :frowning:

Regards Bengt

Mastodon