Error on upgrade


#1

univention-upgrade --ignoressh

Starting univention-upgrade. Current UCS version is 4.0-4 errata364

Checking for local repository: none
Checking for release updates: found: UCS 4.1-0

Do you want to update to 4.1-0 [Y|n]? y

Starting update to UCS version 4.1-0

HINT:
Please check the release notes carefully BEFORE updating to UCS 4.1-0:
English version: docs.software-univention.de/rel … -0-en.html
German version: docs.software-univention.de/rel … -0-de.html

Please also consider documents of following release updates and
3rd party components.

Do you want to continue [Y/n]? y

Checking for space on /var/cache/apt/archives: OK
Checking for space on /boot: OK
Checking for space on /: OK
Checking for package status: OK
Checking LDAP schema: OK
ERROR: A LDAP connection to the configured LDAP servers with the machine
account has failed (invalid credentials)!
This MUST be fixed before the update can continue.

This problem can be corrected by setting the content of the file
/etc/machine.secret to the password of the computer object using
Univention Management Console.


#2

Whats the role of the system?

ucr get server/role

#3

ucr get server/role domaincontroller_master

udm users/user list Traceback (most recent call last): File "/usr/share/univention-directory-manager-tools/univention-cli-server", line 222, in doit output = univention.admincli.admin.doit(arglist) File "/usr/lib/pymodules/python2.7/univention/admincli/admin.py", line 393, in doit out=_doit(arglist) File "/usr/lib/pymodules/python2.7/univention/admincli/admin.py", line 540, in _doit co=univention.admin.config.config(configRegistry['ldap/master']) File "/usr/lib/pymodules/python2.7/univention/admin/config.py", line 38, in __init__ base=univention.admin.uldap.getBaseDN(host) File "/usr/lib/pymodules/python2.7/univention/admin/uldap.py", line 66, in getBaseDN result=l.search_s('',ldap.SCOPE_BASE,'objectClass=*',['NamingContexts']) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 559, in search_s return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 918, in search_ext_s return self._apply_method_s(SimpleLDAPObject.search_ext_s,*args,**kwargs) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 865, in _apply_method_s self.reconnect(self._uri,retry_max=self._retry_max,retry_delay=self._retry_delay) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 839, in reconnect raise e SERVER_DOWN: {'desc': "Can't contact LDAP server"}


#4

Ok it semms to be that the LDAP server is down. Whats the output of

ps aux | grep slapd
/etc/init.d/slapd restart
ps aux | grep slapd

#5

root@dc-mgt-01:~# ps aux | grep slapd root 3182 0.0 0.0 7844 2004 pts/0 S+ 23:06 0:00 grep slapd root@dc-mgt-01:~# /etc/init.d/slapd restart sed: can't read /etc/ldap/slapd.d/cn=config.ldif: No such file or directory root@dc-mgt-01:~# ps aux | grep slapd root 3197 0.0 0.0 7844 1952 pts/0 S+ 23:06 0:00 grep slapd root@dc-mgt-01:~#


#6

Do this and then try it again:

ucr commit /etc/ldap/*
/etc/init.d/slapd restart
ps aux | grep slapd

#7

ucr commit /etc/ldap/* Multifile: /etc/ldap/slapd.conf root@dc-mgt-01:~# /etc/init.d/slapd restart sed: can't read /etc/ldap/slapd.d/cn=config.ldif: No such file or directory root@dc-mgt-01:~# ps aux | grep slapd root 14702 0.0 0.0 7844 1956 pts/0 S+ 23:53 0:00 grep slapd


#8

any update ??


#9

i’m fix this problem , but i have other problem

tail -f /var/log/univention/join.log /usr/share/univention-directory-manager-tools/univention-dnsedit: timeout while trying to contact LDAP server /usr/share/univention-directory-manager-tools/univention-dnsedit: timeout while trying to contact LDAP server /usr/share/univention-directory-manager-tools/univention-dnsedit: timeout while trying to contact LDAP server /usr/share/univention-directory-manager-tools/univention-dnsedit: timeout while trying to contact LDAP server /usr/share/univention-directory-manager-tools/univention-dnsedit: timeout while trying to contact LDAP server /usr/share/univention-directory-manager-tools/univention-dnsedit: timeout while trying to contact LDAP server

ldapmodify SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Local error (-2) additional info: SASL(-1): generic failure: GSSAPI Error: Miscellaneous failure (see text) (open(/tmp/krb5cc_0): No such file or directory)


#10

[code]ldap.INVALID_CREDENTIALS: {‘desc’: ‘Invalid credentials’}
Restarting Name Service Cache Daemon: nscd.
setfacl: Option -m: Invalid argument near character 3
Error: Could not set fACL for /var/lib/samba/sysvol
EXITCODE=2
RUNNING 97univention-s4-connector.inst
2015-12-02 03:13:11.229344481+02:00 (in joinscript_init)
Traceback (most recent call last):
File “”, line 4, in
File “/usr/lib/pymodules/python2.7/univention/lib/admember.py”, line 133, in is_domain_in_admember_mode
lo = univention.uldap.getMachineConnection()
File “/usr/lib/pymodules/python2.7/univention/uldap.py”, line 101, in getMachineConnection
lo=access(host=ucr[‘ldap/master’], port=port, base=ucr[‘ldap/base’], binddn=ucr[‘ldap/hostdn’], bindpw=bindpw, start_tls=start_tls, decode_ignorelist=decode_ignorelist, reconnect=reconnect)
File “/usr/lib/pymodules/python2.7/univention/uldap.py”, line 177, in init
self.__open(ca_certfile)
File “/usr/lib/pymodules/python2.7/univention/uldap.py”, line 219, in __open
self.lo.simple_bind_s(self.binddn, self.__encode_pwd(self.bindpw))
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 879, in simple_bind_s
res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs)
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 860, in _apply_method_s
return func(self,*args,**kwargs)
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 215, in simple_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 476, in result3
resp_ctrl_classes=resp_ctrl_classes
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 483, in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
File “/usr/lib/python2.7/dist-packages/ldap/ldapobject.py”, line 106, in _ldap_call
result = func(*args,**kwargs)
ldap.INVALID_CREDENTIALS: {‘desc’: ‘Invalid credentials’}
Not updating connector/s4/ldap/host
Not updating connector/s4/ldap/base
Not updating connector/s4/ldap/ssl
Not updating connector/s4/mapping/group/language
Not updating connector/s4/ldap/protocol
Not updating connector/s4/ldap/socket
authentication error: Authentication failed
EXITCODE=3

Wed Dec 2 03:13:12 EET 2015
univention-run-join-scripts finished

/usr/share/univention-directory-manager-tools/univention-dnsedit: timeout while trying to contact LDAP server[/code]