For those who don’t like to read that much: I got it solved:
For unknown reasons, not only the DC2 couldn’t create the /etc/univention/ssl/fqdn folders. It didn’t create SSL certificates either.
Which also caused the domain join to fail.
I found out about the missing certs, since apache2 wouldn’t start and complained about it.
I generated new certificates for DC2 on the Master DC and copied them over to DC2.
Then I started the join again.
There still seem to be some issues with the listener: On both machines I had to restart slapd and the univention-direcory-listener a few times, until “it caught”.
So: Yes, there still seem to be issues, but at least I now know where to look…
I am running into mysterious install issues with UCS 4.2.0 and 4.2.1 alike:
Install on a KVM VM (Proxmox 4.4) runs smoothly … and then something goes wrong and the installation - or rather dpkg just dies.
At least during 4-5 attemts this happened during the “univention-web-js” installation.
If an installation actually manages to go past this issue, the server will see issues during the join of a UCS domain (as backup DC).
Here I was able to tail the join.log, where it started with not finding the directory for it’s own certificates - of the top of my head: /etc/ssl/univention/%hostname% and /etc/ssl/univention/%fqdn% (Not 100% sure of the correct path name here!).
On another console I could actually create those directories and then the script moved on - until it tried to contact the DC.
The DC is up & running and functioning as it should. No firewall inbetween - and still it apparently could not connect.
Anybody else seen such issues?
And maybe have a solution?