Raising the domain/forest level had no impact in the lab. We have tried using our Primary AD Server and our Secondary AD Server in the Active Directory Connection wizard. Both by FQDN and by IP. With no success with either one. We have opened all AD required firewall ports and added UCS Domain Master ports to be open on the Windows Firewalls, we have checked for any routing issues and those have been corrected, still no success.
This worked prior to rebuilding UCS under 4.1-4.
The only error we are getting in this whole thing is in the log file /var/log/univention/management-console-module-adconnector.log and the entry is:
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @104.153.46.198
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 37147
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;. IN NS
;; Query time: 112 msec
;; SERVER: 104.153.46.198#53(104.153.46.198)
;; WHEN: Thu Dec 1 13:39:07 2016
;; MSG SIZE rcvd: 17
01.12.16 13:39:07.277 MODULE ( PROCESS ) : stderr:
01.12.16 13:39:07.370 MODULE ( PROCESS ) : AD Info: {‘Domain’: ‘bebconsultingservices.com’, ‘LDAP Base’: ‘DC=bebconsultingservices,DC=com’, ‘Forest’: ‘bebconsultingservices.com’, ‘Client Site’: ‘Default-First-Site-Name’, ‘DC Netbios Name’: ‘BEBW12MTASVRP1’, ‘DC DNS Name’: ‘BEBW12MTASVRP1.bebconsultingservices.com’, ‘Netbios Domain’: ‘BEBCONSULTING’, ‘DC IP’: ‘104.153.46.198’, ‘Server Site’: ‘Default-First-Site-Name’}
01.12.16 13:39:07.479 MODULE ( WARN ) : Failure:
01.12.16 13:39:07.479 MODULE ( PROCESS ) : The command has failed: Could not connect to AD Server BEBW12MTASVRP1.bebconsultingservices.com. Please verify that username and password are correct.
01.12.16 13:49:07.144 MAIN ( WARN ) : Shutting down all open connections
01.12.16 13:49:40.521 DEBUG_INIT
01.12.16 13:50:15.946 MODULE ( PROCESS ) : Lookup ADDS DC
01.12.16 13:50:16.005 MODULE ( PROCESS ) : running [‘dig’, '@104.153.46.198’]
01.12.16 13:50:16.140 MODULE ( PROCESS ) : stdout:
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @104.153.46.198
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 10904
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;. IN NS
;; Query time: 112 msec
;; SERVER: 104.153.46.198#53(104.153.46.198)
;; WHEN: Thu Dec 1 13:50:16 2016
;; MSG SIZE rcvd: 17
01.12.16 13:50:16.140 MODULE ( PROCESS ) : stderr:
01.12.16 13:50:16.236 MODULE ( PROCESS ) : AD Info: {‘Domain’: ‘bebconsultingservices.com’, ‘LDAP Base’: ‘DC=bebconsultingservices,DC=com’, ‘Forest’: ‘bebconsultingservices.com’, ‘Client Site’: ‘Default-First-Site-Name’, ‘DC Netbios Name’: ‘BEBW12MTASVRP1’, ‘DC DNS Name’: ‘BEBW12MTASVRP1.bebconsultingservices.com’, ‘Netbios Domain’: ‘BEBCONSULTING’, ‘DC IP’: ‘104.153.46.198’, ‘Server Site’: ‘Default-First-Site-Name’}
01.12.16 13:50:16.344 MODULE ( WARN ) : Failure:
01.12.16 13:50:16.344 MODULE ( PROCESS ) : The command has failed: Could not connect to AD Server BEBW12MTASVRP1.bebconsultingservices.com. Please verify that username and password are correct.
01.12.16 14:00:16.316 MAIN ( WARN ) : Shutting down all open connections
These logs are empty…
ad-connector-certificate.log
connector.log
The log file connector-status.log has this…
root@bebucsmtasvrp5:/var/log/univention# cat connector-status.log
Thu Dec 1 13:10:36 2016
connector/ad/ldap/host not set
We have tried several different passwords for Administrator on the Windows Side. All with the same error. We REALLY need to get this working. To provide UCS Resources to Windows Users and Windows Resources to UCS Users.
I am pushing to get formal Univention Support Subscription purchased, but that will take several weeks to get approved.