Problem: After rejoining a school slave, lots of objects are missing

Problem:

After rejoining a school slave, lots of objects are missing E.g. Students are missing on a educativ slave, or stuff objects are missing on an administrative slave, but the computerobjects are all replicated and useable.

Environment:

In this case, the system crashed and had to be reinstalled. Maybe there wend something more wrong so the serverobject was deleted and readded manually.

Solution:

The serverobject was created in the correct place, underneath the chool OU, but the server was not member of the absolutly required groups Dc-Verwaltungsnetz und OUsun-DC-Verwaltungsnetz, bzw. DC-Edukativnetz and OUsun-DC-Edukativnetz

You can put the slave in these groups via udm:
udm computers/domaincontroller_slave modify --dn 'cn=slave,cn=dc,cn=server,cn=computers,ou=sun,dc=schein,dc=me' --append groups="cn=DC-Verwaltungsnetz,cn=ucsschool,cn=groups,dc=schein,dc=me" --append groups="cn=OUsun-DC-Verwaltungsnetz,cn=ucsschool,cn=groups,dc=schein,dc=me"

The reasons for this behaviour are the read restrictions via ldap acls for the slave

Mastodon