Locked out of UCS


#1

A variety of issues happening with my UCS server:

Last week, an enduser of OwnCloud let me know they could not log in. It came down to finding out that the authentication between OwnCloud and LDAP broke. LDAP was looking to the UCS server itself for authentication (this was defaulted so I left it as is). It appears, the DNS entries on our domain were missing so I recreated them and this fixed the OwnCloud issue.

I also have RocketChat installed - This did not resolve RocketChat issues (users who stayed logged in weren’t affected however no one could log on if you logged off).

NOW- I am locked out completely out of UCS. It appears it cannot talk to itself via DNS name. OwnCloud is broken again as well. I cannot log in as the Administrator into the Univention System and Domain settings as it thinks I’m using the domain Administrator account (I could have sworn there was a local Admin account? - I can however access the root user but I cannot make any domain changes)

Log under /var/log/:
Jul 8 15:45:05 lss-ucs python2.7: pam_ldap: error trying to bind as user “uid=xx,ou=xx,ou=xx,ou=xx,dc=xx,dc=xx” (Invalid credentials)
Jul 8 15:45:18 lss-ucs python2.7: saml_msg is too small: minlength = 128

Log under /var/auth/ :
Jul 8 15:45:05 lss-ucs python2.7: pam_unix(univention-management-console:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=userxx
Jul 8 15:45:05 lss-ucs python2.7: pam_krb5(univention-management-console:auth): authentication failure; logname=userxx uid=0 euid=0 tty= ruser= rhost=

Anyone know where this all went wrong?