Fresh Univention VM, Domain Controller, "Cannot connect to the LDAP service"

Just deployed a new appliance of the latest UCS (not able to get at the exact version but it just updated everything as part of setup). I set this to be a domain controller, and called it dc1. Upon first clean boot up I’m asked to log in, so I give it my Administrator user and the correct password, and I’m greeted with this:

Internal server error: The service is temporarily not available.
Cannot connect to the LDAP service.
The following steps can help to solve this problem:
* Check if enough hard disk space and free RAM is available on this server or free some resources
* Restart the LDAP service on the domain controller master either via "service slapd restart" on command line or with the UMC module "System services"

It’s got the default 1.5GB RAM and the host isn’t fully tapped, and plenty of room for the drive to grow if it needs (which it shouldn’t, it’s a fresh OVA deployment).

I notice this was reported previously: Univention management console 4.3 error but no one responded to the OP’s log. I ran the same systemctl status slapd.service and univention-ldapsearch -s base dn commands and get the following results:

● slapd.service - LSB: OpenLDAP standalone server (Lightweight Directory Access
   Loaded: loaded (/etc/init.d/slapd; generated; vendor preset: enabled)
   Active: active (running) since Thu 2019-05-02 13:54:50 EDT; 51min ago
     Docs: man:systemd-sysv-generator(8)
  Process: 938 ExecStart=/etc/init.d/slapd start (code=exited, status=0/SUCCESS)
 Main PID: 1221 (slapd)
    Tasks: 6 (limit: 4915)
   Memory: 20.1M
      CPU: 291ms
   CGroup: /system.slice/slapd.service
           └─1221 /usr/sbin/slapd -h ldapi:/// ldap://:7389/ ldaps://:7636/

May 02 13:54:46 dc1 systemd[1]: Starting LSB: OpenLDAP standalone server (Lightw
May 02 13:54:48 dc1 slapd[1176]: @(#) $OpenLDAP: slapd  (Aug  6 2018 15:28:57) $
                                         Debian OpenLDAP Maintainers <pkg-openld
May 02 13:54:48 dc1 slapd[1176]: Loaded metadata from "/usr/share/univention-man
May 02 13:54:49 dc1 slapd[1221]: WARNING: No dynamic config support for overlay
May 02 13:54:49 dc1 slapd[1221]: WARNING: No dynamic config support for overlay
May 02 13:54:49 dc1 slapd[1221]: slapd starting
May 02 13:54:49 dc1 slapd[938]: Starting ldap server(s): slapd ...done.
May 02 13:54:49 dc1 ldapsearch[1266]: DIGEST-MD5 common mech free
May 02 13:54:50 dc1 slapd[938]: Checking Schema ID: ...done.
May 02 13:54:50 dc1 systemd[1]: Started LSB: OpenLDAP standalone server (Lightwe
lines 1-23...skipping...
● slapd.service - LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol)
   Loaded: loaded (/etc/init.d/slapd; generated; vendor preset: enabled)
   Active: active (running) since Thu 2019-05-02 13:54:50 EDT; 51min ago
     Docs: man:systemd-sysv-generator(8)
  Process: 938 ExecStart=/etc/init.d/slapd start (code=exited, status=0/SUCCESS)
 Main PID: 1221 (slapd)
    Tasks: 6 (limit: 4915)
   Memory: 20.1M
      CPU: 291ms
   CGroup: /system.slice/slapd.service
           └─1221 /usr/sbin/slapd -h ldapi:/// ldap://:7389/ ldaps://:7636/

May 02 13:54:46 dc1 systemd[1]: Starting LSB: OpenLDAP standalone server (Lightweight Directory Access
May 02 13:54:48 dc1 slapd[1176]: @(#) $OpenLDAP: slapd  (Aug  6 2018 15:28:57) $
                                         Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.d
May 02 13:54:48 dc1 slapd[1176]: Loaded metadata from "/usr/share/univention-management-console/saml/id
May 02 13:54:49 dc1 slapd[1221]: WARNING: No dynamic config support for overlay translog.
May 02 13:54:49 dc1 slapd[1221]: WARNING: No dynamic config support for overlay shadowbind.
May 02 13:54:49 dc1 slapd[1221]: slapd starting
May 02 13:54:49 dc1 slapd[938]: Starting ldap server(s): slapd ...done.
May 02 13:54:49 dc1 ldapsearch[1266]: DIGEST-MD5 common mech free
May 02 13:54:50 dc1 slapd[938]: Checking Schema ID: ...done.
May 02 13:54:50 dc1 systemd[1]: Started LSB: OpenLDAP standalone server (Lightweight Directory Access P
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~

root@dc1:~# systemctl start slapd.service
root@dc1:~# univention-ldapsearch -s base dn
ldap_start_tls: Can't contact LDAP server (-1)
ldap_start_tls: Can't contact LDAP server (-1)
ldap_start_tls: Can't contact LDAP server (-1)
^C
Mastodon