UCS Member DC slow when 2nd DC offline

UCS - Univention Corporate Server
#1

Hello.

We are still in the process of replacing an old small business server.
A new Windows server takes over the domain.
Univention is a Member DC and provides Kopano.
The problem is:
We would like to disconnect the SBS for test purposes (maybe several days)
to see where he is still in use.
As soon as he is disconnected from the network, all domain-dependent services working
very slowly on the Univention.
This applies to opening and work in Kopano, open GAB, e.t.c.

During the Univention installation, only the new DC was specified and the roles had already been taken over at this point.

Nothing from the old server could be found in the UCR.
Can you help me?
Sorry for my bad English. :wink:

#2

German post for reference: UCS AD Member / Kopano / LDAP langsam wenn alter DC offline

Hi @Raute,

is it only Kopano that is working slow or are there other services relying on LDAP that are slow?

What is the output of?

ucr get kopano/cfg/ldap/ldap_uri
ucr get ldap/server/name

To more clearly see what is going on from the Kopano side you can adjust the logging in server.cfg to use 0x00020006 to enable user backend debug logging. This will show ldap connects, disconnects, query times etc.

#3

Hi @fbartels,

thank you for your answer.
Sorry for my late feedback.

It´s not just the kopano.
We did some ldap queries on the command line and they were slowly, too.
At this time Kopano is just the only services were using on the UCS.

ucr get kopano/cfg/ldap/ldap_uri
just brings out the UCR Variables for the LDAP Server & Port.

ucr get ldap/server/name
just brings out the FQDN of the Univention Server.

I couldn´t enable the logging, because the old server´s hardware broke and we were forced
to uninstall the old Small Business Server very quick.

The problem can be reconstructed (I had already installed 2 dcs, then a univention with ad connect and then just switch off a dc. the ldap connection is getting slow. )and I was hoping that somewhere there is the possibility to set the univention fix to an ldap server.

The main problem seems to be that univention always has to reach all ad servers, otherwise it will be slow with queries.
I would have liked to fix that. I’m sure I’ll have the problem with a customer again soon.

#4

Ok, then I am afraid that there is nothing I can do from the application side and would recommend to open a direct support case with Univention.

#5

I have no valid service contract, so I don’t get any further.
That´s stupid.

Thank you for your help, anyway.

Mastodon