UCS Dashboard access credentials

dzidek23 · April 17, 2024, 11:52am

Hi all,

We installed the UCS Dashboard on our server but can’t figure out how to sign in.
I can’t find anywhere if there should be an additional ‘manager’ group for the users to get access or if there’s a separate user permitted to view the dashboard.

USC 5.0-6
Univention Dashboard app 3.0

jlk · April 17, 2024, 12:13pm

Hey,

By default access is only granted to users of the group Domain Admins (e.g. the user Administrator).
15.1. UCS Dashboard — Univention Corporate Server - Manual for users and administrators

So you need to add your account to that group beforehand.

Regards
Jan-Luca

dzidek23 · April 17, 2024, 12:33pm

@jlk thank for a quick reply,

Thing is, I am a domain admin, but I’m getting

Error while trying to authenticate user

Same happens to the other admin on the domain.

jlk · April 18, 2024, 1:25pm

Hey,

unfortunately that’s a bit broad for further investigation… You get the error on the login page of the dashboard, right? In that case you should be able to troubleshoot via univention-app logs admin-dashboard, for example a log in with the wrong credentials is logged like this:

logger=ldap t=2024-01-18T05:20:49.565790491+01:00 level=info msg="LDAP enabled, reading config file" file=/var/lib/univention-appcenter/apps/admin-dashboard/conf/grafana/ldap.toml
logger=ldap t=2024-01-18T05:20:49.577554964+01:00 level=info msg="Searching for user's groups" filter="(&(objectClass=posixGroup)(memberUid=Administrator))"
logger=ldap t=2024-01-18T05:20:49.581190736+01:00 level=error msg="Cannot bind user uid=Administrator,cn=users,dc=jlk-test,dc=intranet with LDAP" error="invalid username or password"
logger=context userId=0 orgId=0 uname= t=2024-01-18T05:20:49.583729234+01:00 level=error msg="Invalid username or password" error="invalid username or password" remote_addr=192.168.0.162 traceID=
logger=context userId=0 orgId=0 uname= t=2024-01-18T05:20:49.583830947+01:00 level=info msg="Request Completed" method=POST path=/login status=401 remote_addr=192.168.0.162 time_ms=20 duration=20.549971ms size=55 referer=https://pdn.jlk-test.intranet/ucs-dashboard/login handler=/login

Regards
Jan-Luca

dzidek23 · April 18, 2024, 1:59pm

Thanks for this…
I should probably start by saying that although we are using UCS for a few months, there’s just not enough information about command line tools.

I would have never guessed that you can get such comprehensive answer from the univention-app.

However, running this command I got:

logger=context userId=0 orgId=0 uname= t=2024-04-18T14:40:38.280310294+01:00 level=info msg=“Request Completed” method=GET path=/ status=302 remote_addr=10.xxx.xxx.xxx time_ms=0 duration=676.72µs size=43 referer=https://domain/univention/management/ handler=/
logger=ldap t=2024-04-18T14:40:43.680937572+01:00 level=info msg=“LDAP enabled, reading config file” file=/var/lib/univention-appcenter/apps/admin-dashboard/conf/grafana/ldap.toml
logger=context userId=0 orgId=0 uname= t=2024-04-18T14:40:43.693097213+01:00 level=error msg=“Error while trying to authenticate user” error=“dial tcp: lookup domain on 8.8.8.8:53: no such host” remote_addr=10.xxx.xxx.xxx traceID=
logger=context userId=0 orgId=0 uname= t=2024-04-18T14:40:43.693155186+01:00 level=error msg=“Request Completed” method=POST path=/login status=500 remote_addr=10.xxx.xxx.xxx time_ms=13 duration=13.192684ms size=66 referer=https://domain/ucs-dashboard/login handler=/login

error=“dial tcp: lookup domain on 8.8.8.8:53: no such host” - being the culprit

Why would it query 8.8.8.8 for a domain, when UCS is running its own DNS?

dzidek23 · April 18, 2024, 2:02pm

@jlk don’t worry too much about this, we probably can get all the required info through zabbix client.

Consider this topic closed