LDAP plötzlich nicht erreichbar

UCS - Univention Corporate Server
#1

Hallo zusammen,

seit heute sendet ein UCS Domain Master Server (der einzig existierende) an “root” Mails mit diesem Inhalt:

Cron <root@ucs>   [ -x /usr/lib/univention-pam/ldap-group-to-file.py ] && /usr/lib/univention-pam/ldap-group-to-file.py --check_member
Abort: Can't contact LDAP server.

Das kommt ja von einem alle 15 Minuten laufendem Cron Job… Zusätzlich kann ich mich an der Admin Web Konsole nicht mehr anmelden, auch diese sagt, der LDAP Server wäre nicht erreichbar. Es wurde seit langer Zeit nichts an diesem Server verändert, Filesysteme haben genug Platz.
Der slapd läuft:

service slapd status
● slapd.service - LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol)
   Loaded: loaded (/etc/init.d/slapd; generated; vendor preset: enabled)
   Active: active (running) since Fri 2019-08-09 02:22:25 CEST; 4min 42s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 7193 ExecStop=/etc/init.d/slapd stop (code=exited, status=0/SUCCESS)
  Process: 7259 ExecStart=/etc/init.d/slapd start (code=exited, status=0/SUCCESS)
 Main PID: 7272 (slapd)
    Tasks: 4 (limit: 4915)
   Memory: 12.0M
      CPU: 120ms
   CGroup: /system.slice/slapd.service
           └─7272 /usr/sbin/slapd -h ldapi:/// ldap://:7389/ ldaps://:7636/

Aug 09 02:22:25 ucs slapd[7271]: @(#) $OpenLDAP: slapd  (Aug  6 2018 15:28:57) $
                                         Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
Aug 09 02:22:25 ucs slapd[7271]: Loaded metadata from "/usr/share/univention-management-console/saml/idp/ucs-sso.pmci.local.xml"
Aug 09 02:22:25 ucs slapd[7271]: /etc/ldap/slapd.conf: line 198: rootdn is always granted unlimited privileges.
Aug 09 02:22:25 ucs slapd[7272]: WARNING: No dynamic config support for overlay translog.
Aug 09 02:22:25 ucs slapd[7272]: WARNING: No dynamic config support for overlay shadowbind.
Aug 09 02:22:25 ucs slapd[7272]: slapd starting
Aug 09 02:22:25 ucs slapd[7259]: Starting ldap server(s): slapd ...done.
Aug 09 02:22:25 ucs ldapsearch[7277]: DIGEST-MD5 common mech free
Aug 09 02:22:25 ucs slapd[7259]: Checking Schema ID: ...done.
Aug 09 02:22:25 ucs systemd[1]: Started LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol).

Ein Restart des slapd service war unaufällig, auch im /var/log/syslog nichts besonderes:

Aug  9 02:22:20 ucs slapd[1592]: daemon: shutdown requested and initiated.
Aug  9 02:22:20 ucs slapd[1592]: slapd shutdown: waiting for 0 operations/tasks to finish
Aug  9 02:22:20 ucs slapd[1592]: slapd stopped.
Aug  9 02:22:20 ucs slapd[7193]: Stopping ldap server(s): slapd ...done.
Aug  9 02:22:20 ucs systemd[1]: Stopped LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol).
Aug  9 02:22:25 ucs systemd[1]: Starting LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol)...
Aug  9 02:22:25 ucs root: /etc/init.d/slapd start (pid: 7259, ppid:    1 systemd)
Aug  9 02:22:25 ucs slapd[7271]: @(#) $OpenLDAP: slapd  (Aug  6 2018 15:28:57) $#012#011Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
Aug  9 02:22:25 ucs slapd[7271]: /etc/ldap/slapd.conf: line 198: rootdn is always granted unlimited privileges.
Aug  9 02:22:25 ucs slapd[7272]: WARNING: No dynamic config support for overlay translog.
Aug  9 02:22:25 ucs slapd[7272]: WARNING: No dynamic config support for overlay shadowbind.
Aug  9 02:22:25 ucs slapd[7272]: slapd starting
Aug  9 02:22:25 ucs slapd[7259]: Starting ldap server(s): slapd ...done.
Aug  9 02:22:25 ucs slapd[7259]: Checking Schema ID: ...done.
Aug  9 02:22:25 ucs systemd[1]: Started LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol).

Ein kompletter Reboot des Servers hat ebenfalls nicht geholfen… was könnte noch das Problem sein?

Vielen Dank schon mal!
Markus

Mastodon