So, i’m a bit further.
Restored server from backup by follwing that guid step by step: Cool Solution - Single Server Backup and Restore for UCS 4.3
and i have much less errors in system check.
Funny about this
root@tuxserver:~# id Administrator
id: „Administrator“: Einen solchen Benutzer gibt es nicht
root@tuxserver:~# ucr get server/role
domaincontroller_master
root@tuxserver:~# service slapd restart
root@tuxserver:~# service slapd status
● slapd.service - LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol)
Loaded: loaded (/etc/init.d/slapd; generated)
Active: active (running) since Tue 2023-12-19 17:55:02 CET; 12s ago
Docs: man:systemd-sysv-generator(8)
Process: 15088 ExecStart=/etc/init.d/slapd start (code=exited, status=0/SUCCESS)
Main PID: 15101 (slapd)
Tasks: 3 (limit: 4915)
Memory: 17.5M
CGroup: /system.slice/slapd.service
└─15101 /usr/sbin/slapd -h ldapi:/// ldap://:7389/ ldaps://:7636/ -f /etc/ldap/slapd.conf
Dez 19 17:55:01 tuxserver systemd[1]: Starting LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol)...
Dez 19 17:55:02 tuxserver slapd[15100]: @(#) $OpenLDAP: slapd (May 21 2022 17:09:54) $
Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
Dez 19 17:55:02 tuxserver slapd[15100]: Loaded metadata from "/usr/share/univention-management-console/saml/idp/ucs-sso.burglenzen.local.xml"
Dez 19 17:55:02 tuxserver slapd[15101]: WARNING: No dynamic config support for overlay translog.
Dez 19 17:55:02 tuxserver slapd[15101]: WARNING: No dynamic config support for overlay shadowbind.
Dez 19 17:55:02 tuxserver slapd[15101]: slapd starting
Dez 19 17:55:02 tuxserver slapd[15088]: Starting ldap server(s): slapd ...done.
Dez 19 17:55:02 tuxserver ldapsearch[15107]: DIGEST-MD5 common mech free
Dez 19 17:55:02 tuxserver slapd[15088]: Checking Schema ID: ...done.
Dez 19 17:55:02 tuxserver systemd[1]: Started LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol).
root@tuxserver:~# univention-ldapsearch uid=Administrator
# extended LDIF
#
# LDAPv3
# base <dc=burglenzen,dc=local> (default) with scope subtree
# filter: uid=Administrator
# requesting: ALL
#
# search result
search: 3
result: 0 Success
# numResponses: 1
root@tuxserver:~# univention-ldapsearch -s base
# extended LDIF
#
# LDAPv3
# base <dc=habdieschnauze,dc=voll> (default) with scope baseObject
# filter: (objectclass=*)
# requesting: ALL
#
# habdieschnauze.voll
dn: dc=habdieschnauze,dc=voll
dc: habdieschnauze
univentionObjectType: container/dc
krb5RealmName: HABDIESCHNAUZE.VOLL
nisDomain: habdieschnauze.voll
associatedDomain: habdieschnauze.voll
objectClass: top
objectClass: krb5Realm
objectClass: univentionPolicyReference
objectClass: nisDomainObject
objectClass: domainRelatedObject
objectClass: domain
objectClass: univentionBase
objectClass: univentionObject
objectClass: msGPO
msGPOLink: [LDAP://CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=habdieschnauze,DC=voll;0]
univentionPolicyReference: cn=default-settings,cn=pwhistory,cn=users,cn=policies,dc=habdieschnauze,dc=volll
univentionPolicyReference: cn=default-users,cn=admin-settings,cn=users,cn=policies,dc=habdieschnauze,dc=voll
univentionPolicyReference: cn=UCS 4.0,cn=desktop,cn=policies,dc=habdieschnauze,dc=voll
univentionPolicyReference: cn=map-country-to-st,cn=config-registry,cn=policies,dc=habdieschnauze,dc=voll
# search result
search: 3
result: 0 Success
# numResponses: 2
# numEntries: 1
So where is Administrator? It is in the S4-Database:
root@tuxserver:~# univention-s4search -b "CN=Administrator,ou=Techniker,dc=habdieschnauze,dc=voll"
# record 1
dn: CN=Administrator,OU=Techniker,DC=habdieschauze,DC=voll
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: Administrator
userCertificate::......................