Internal server error in "udm/containers (users/user)"

Thank you very much, knebb, for your help!

I fixed those permissions; anyway, I think those are only “cosmetic”. They happen when an external certificate is created or renewed with the root account.

When I run systemctl status slapd.service after the mentioned reboot after the rejoin, it shows me slapd active and running.

I really struggle with your suggestions because of several things:
For point 1: I found "How-To: Remove a Server" in the Knowledge Base. There I have to shut down dc2 to correctly demote it.
Since yesterday I cannot access the UMC on DC1 anymore to remove dc2. It simply stays grey.
Syslog tells me:

Aug 12 08:18:53 dc1 simplesamlphp[31337]: 5 STAT [e598521abd] passive-saml20-idp-SSO https://dc1.intranet.faschang.at/univention/saml/metadata https://ucs-sso.intranet.faschang.at/simplesamlphp/saml2/idp/metadata.php NA
Aug 12 08:18:54 dc1 python2.7: pam_ldap: error trying to bind as user "uid=Administrator,cn=users,dc=intranet,dc=faschang,dc=at" (Invalid credentials)

I reassured myself of the correct password by entering a definitely wrong one, which throws another message, so I am sure that the password from the above attempt was correct:

Aug 12 08:39:46 dc1 simplesamlphp[1948]: 4 [e25270e321] Returning error to SP with entity ID ''https://dc1.intranet.faschang.at/univention/saml/metadata''.
Aug 12 08:39:46 dc1 simplesamlphp[1948]: 4 [e25270e321] SimpleSAML\Module\saml\Error\NoPassive: Passive authentication not supported./NoPassive
Aug 12 08:39:48 dc1 check_nrpe: Remote 192.168.0.219 accepted a Version 3 Packet
Aug 12 08:39:50 dc1 simplesamlphp[1964]: 5 STAT [e25270e321] Unsuccessful login attempt from 192.168.0.43.

I am thinking about restoring a backup from yesterday morning, when both UMCs on Primary and Backup were at least accessible.

Points 2 and 3: Removing Samba and its connector from a powered-off machine is hopefully unproblematic if step 1 is done correctly.

Points 4 and 5: Those sound acceptable. Anyway, it feels like fixing symptoms, not the source of the pain.

May I mention that all those troubles started with a broken master server:

  1. There is no failed.ldif on the backup-server or on the Primary

All in all, at the moment I think the problem is still on the primary server and all other problems are only symptoms caused by that problem.
I would really appreciate your opinion on this.

Thank you
Matthias