Problem:
Der Join ist erfolgreich durchgelaufen, allerdings fehlen erwartete Funktionen.
Investigation:
Liegt der Server in seiner OU?
univention-ldapsearch -LLL cn=schul-repl1 1.1
dn: cn=schul-repl1,cn=sun,cn=dhcp,ou=sun,dc=schein,dc=me
dn: cn=schul-repl1,cn=dc,cn=server,cn=computers,ou=sun,dc=schein,dc=me
Im Join.log kann man prüfen, welche Rolle installiert wurde.
Found hooks:
cn=ucsschool-join-hook.py,cn=data,cn=univention,dc=schein,dc=me
Running: ucsschool-join-hook.py (cn=ucsschool-join-hook.py,cn=data,cn=univention,dc=schein,dc=me) in /tmp/tmprXBNiM/tmp9O4kBo
2023-01-02 15:48:17,442 ucsschool-join-hook: [INFO] ucsschool-join-hook.py has been started
2023-01-02 15:48:17,444 ucsschool-join-hook: [INFO] Connecting to LDAP as ‘uid=Administrator,cn=users,dc=schein,dc=me’ …
2023-01-02 15:48:17,633 ucsschool-join-hook: [INFO] Found installed metapackage ‘ucs-school-central-slave’. Reusing it.
2023-01-02 15:48:17,634 ucsschool-join-hook: [INFO] Determined role packages: [‘ucs-school-central-slave’]
2023-01-02 15:48:17,634 ucsschool-join-hook: [INFO] Calling (’/usr/bin/univention-app’, ‘info’, ‘–as-json’) …
2023-01-02 15:48:18,707 ucsschool-join-hook: [INFO] Installed apps: [u’ucsschool=4.4 v9’]
2023-01-02 15:48:18,707 ucsschool-join-hook: [INFO] Is ucsschool already installed? True (4.4 v9)
2023-01-02 15:48:18,707 ucsschool-join-hook: [INFO] Not installing ‘UCS@school Veyon Proxy’ app on this system role.
2023-01-02 15:48:18,708 ucsschool-join-hook: [INFO] ucsschool-join-hook.py is done
dpkg -l |grep ucs-school-central-slave
sollte nicht gefunden werden
Solution:
Der Server wurde nicht richtig als Schulserver angelegt.
Um das zu korrigieren, gibt es zwei Möglichkeiten.
- neu aufsetzten und sicherstellen, dass er richtig angelegt wird.
Step 1
Den alten Server löschen. (braucht nicht ausgeschaltet werden) Artikel 10362
Step 2
Das ucs-school-central-slave deinstallieren:
univention-app remove ucsschool oder apt-get remove ucs-school-central-slave
Step 3
Die ggf vorhandene OU mit dem neuen Server verknüpfen.
Auf dem Primary
create_ou EXISTIERENDE_OU NEUER_DC_NAME
root@dc0:~# /usr/share/ucs-school-import/scripts/create_ou --help
usage: create_ou [-h] [--sharefileserver SHAREFILESERVER]
[--displayName DISPLAYNAME] [--infile INFILE]
[--alter-dhcpd-base {true,false,auto}] [-v]
[ou_name] [educational_dc_name] [administrative_dc_name]
create school container for UCS@school
positional arguments:
ou_name name of ou that shall be created or verified
educational_dc_name hostname of the educational DC for specified OU (if
dc_name is not specified "dc<ou_name>" will beused as
the default for the domaincontroller name)
administrative_dc_name
hostname of the administrative DC for the specified OU
BSP:
/usr/share/ucs-school-import/scripts/create_ou sun schul-repl1
Es kann sein, dass das Skript am Ende einen Fehler wirft:
[....]
Error while creating ou-default-ucr-policy for sun: Error creating 'policies/registry' object: Object exists. (cn=ou-default-ucr-policy,cn=policies,ou=sun,dc=schein,dc=me)
DHCPDNSPolicy for sun exists already.
Attaching UMCPolicy(name='schoolimport-all', school='sun', dn='cn=schoolimport-all,cn=UMC,cn=policies,dc=schein,dc=me') to Group(name='sun-import-all', school='sun', dn='cn=sun-import-all,cn=groups,ou=sun,dc=schein,dc=me')
Already attached!
Creating Container(name='examusers', school='sun', dn='cn=examusers,ou=sun,dc=schein,dc=me')
Error creating OU 'sun'.
Created OU: sun
Das kann in diesen speziellen Einzelfall ignoriert werden. In der UMC unter Schulen kann kontrolliert werden, dass das Schulobjekt die Schulou anzeigt.
Wenn das richtig angezeigt wird, kann der Schulserver erneut mit univention-join gejeoined werden.
Das sollte dann so aussehen:
univention-join-hooks: looking for hook type “join/pre-joinscripts” on schul-repl1.schein.me
Found hooks:
cn=ucsschool-join-hook.py,cn=data,cn=univention,dc=schein,dc=me
Running: ucsschool-join-hook.py (cn=ucsschool-join-hook.py,cn=data,cn=univention,dc=schein,dc=me) in /tmp/tmpQdlpxO/tmpPDhOm0
2022-03-30 15:17:31,361 ucsschool-join-hook: [INFO] ucsschool-join-hook.py has been started
2022-03-30 15:17:31,363 ucsschool-join-hook: [INFO] Connecting to LDAP as ‘uid=Administrator,cn=users,dc=schein,dc=me’ …
2022-03-30 15:17:31,860 ucsschool-join-hook: [INFO] Host is member of following groups: [‘cn=DC Slave Hosts,cn=groups,dc=schein,dc=me’, ‘cn=DC-Edukativnetz,cn=ucsschool,cn=groups,dc=schein,dc=me’, ‘cn=OUsun-DC-Edukativnetz,cn=ucsschool,cn=groups,dc=schein,dc=me’]
2022-03-30 15:17:31,861 ucsschool-join-hook: [INFO] Determined role packages: [‘ucs-school-slave’]
2022-03-30 15:17:31,861 ucsschool-join-hook: [INFO] Calling (’/usr/bin/univention-app’, ‘info’, ‘–as-json’) …
2022-03-30 15:17:33,123 ucsschool-join-hook: [INFO] Installed apps: [u’dhcp-server=12.0’, u’prometheus-node-exporter=1.1’, u’samba4=4.10’, u’squid=3.5’, u’ucsschool-veyon-proxy=1.1’]
2022-03-30 15:17:33,124 ucsschool-join-hook: [INFO] Is ucsschool already installed? False
2022-03-30 15:17:33,124 ucsschool-join-hook: [INFO] Calling (‘univention-ssh’, ‘/etc/machine.secret’, ‘schul-repl1$@dc01.schein.me’, ‘/usr/sbin/ucr get version/version’) …
2022-03-30 15:17:34,308 ucsschool-join-hook: [INFO] Calling (‘ucr’, ‘get’, ‘version/version’) …
2022-03-30 15:17:34,353 ucsschool-join-hook: [INFO] Master version: u’4.4’
2022-03-30 15:17:34,354 ucsschool-join-hook: [INFO] Local version: u’4.4’
2022-03-30 15:17:34,354 ucsschool-join-hook: [INFO] Calling (‘univention-ssh’, ‘/etc/machine.secret’, ‘schul-repl1$@dc01.schein.me’, ‘/usr/bin/univention-app info --as-json’) …
2022-03-30 15:17:36,831 ucsschool-join-hook: [INFO] Found UCS@school version u’4.4 v9’ on DC master.
2022-03-30 15:17:36,831 ucsschool-join-hook: [INFO] Checking app version dependencies…
2022-03-30 15:17:36,832 ucsschool-join-hook: [INFO] UCS@school version u’4.4 v9’ can be installed.
2022-03-30 15:17:36,833 ucsschool-join-hook: [INFO] repository/online: ‘yes’
2022-03-30 15:17:36,833 ucsschool-join-hook: [INFO] Updating app center information…
2022-03-30 15:17:36,833 ucsschool-join-hook: [INFO] Calling (’/usr/bin/univention-app’, ‘update’) …
2022-03-30 15:17:44,234 ucsschool-join-hook: [INFO] Installing ucsschool=4.4 v9 …
2022-03-30 15:17:44,287 ucsschool-join-hook: [INFO] Calling (’/usr/bin/univention-app’, ‘install’, u’ucsschool=4.4 v9’, ‘–skip-check’, ‘must_have_valid_license’, ‘–do-not-call-join-scripts’, ‘–noninteractive’, ‘–do-not-revert’, ‘–username’, u’Administrator’, ‘–pwdfile’, ‘/tmp/tmp.CtEtiHfhnn/dcpwd’) …
2022-03-30 15:18:13,602 ucsschool-join-hook: [INFO] Not all required packages installed - calling univention-install…
2022-03-30 15:18:13,602 ucsschool-join-hook: [INFO] Calling (‘univention-install’, ‘–force-yes’, ‘–yes’, ‘ucs-school-slave’) …