Umbennenen DC-Master

german

#1

Im Rahmen von Migrationsvorbereitungen habe ich testweise ein DC-Master-System umbenannt von ox4ucs23 nach ox4ucs24, indem ich mit Hilfe von univention-system-setup-basis den Namen geändert habe (Warum heisst das Werkzeug nicht univention-system-setup-base?). Nach etwas längerer Zeit (ca. 0,5h wahrscheinlich bedingt durch Triggerung von OpenXchange6-Handlermodulen) und nach Neustart des Systems war das System wie gewohnt bedienbar. Auch Open-Xchange funktionierte. Ein LDAP-Ausgabe mit Hilfe von slapcat offenbarte allerdings noch die untenstehenden Rest-Einträge mit dem alten Namen ox4ucs23. Da hätte ich gerne gewusst, ob man diese eventuell mit einem LDAP-Editor manuell korrigieren oder welche Maßnahmen man ergreifen kann. Unten die entsprechenden Ausschnitte:

Kerberos
krb5PrincipalName beinhaltet alten Namen ox4ucs23
Es gibt einen Verweis auf krb5PrincipalName

dn: cn=ox4ucs24,cn=dc,cn=computers,dc=domain,dc=de
univentionServerRole: master
krb5PrincipalName: host/ox4ucs23.domain.de@DOMAIN.DE
...

Objektdefinition von krb5PrincipalName
Weiterhin sind dann im Objekt selbst krb5PrincipalName und uid betroffen

dn: krb5PrincipalName=ldap/ox4ucs23.domain.de@DOMAIN.DE,cn=kerberos,dc=domain,
 dc=de
objectClass: top
objectClass: account
objectClass: krb5Principal
objectClass: krb5KDCEntry
krb5PrincipalName: ldap/ox4ucs23.domain.de@DOMAIN.DE
uid: ldap/ox4ucs23.domain.de
...

reverse DNS-Zone 20.172.in-addr.arpa
Hier vermute ich einen Fehler in der Umbenennungsroutine für reverse DNS-Zonen. Bei allen anderen DNS-Zonen, deren Knoten in einem Netzwerk n.n.n (Netzmaske 24) liegen wurde der nSRecord ordnungsgemäß umgesetzt (ox4ucs23 nach ox4ucs24). In diesem Fall handelt es sich um einen DNS-Eintrag für ein Netzwerk der Form n.n (Netzmake 16). Das ist allerdings manuell schnell zu korrigieren.

dn: zoneName=20.172.in-addr.arpa,cn=dns,dc=domain,dc=de
nSRecord: ox4ucs23
...
sOARecord: ox4ucs23 root.domain.de. 3 28800 7200 604800 86400
...

Umbenennen Benutzer
#2

Hallo,

es wäre hier interessant zu wissen, auf welchem UCS-Versionsstand sich das System befindet.
Am einfachsten wäre es, wenn Sie uns die Ausgabe des folgenden Befehls zukommen lassen könnten:

ucr search --brief version

Mit freundlichen Grüßen,
Tim Petersen


#3

Version hatte ich vergessen. Unten die angeforderten Informationen.

mail/cyrus/version: 2.2
repository/mirror/version/end:
repository/mirror/version/start:
repository/online/component/agorum/version: 2.4
repository/online/component/dvs/version: current
repository/online/component/ox/version: current
repository/online/component/oxmobility/version: current
repository/online/component/oxoutlook/version: current
repository/online/component/oxseforucs/version: current
repository/online/component/tcs/version: current
univention-ox-directory-integration/version: 3.0.14-1.37.201108221746
update/umc/nextversion: true
version/patchlevel: 4
version/releasename: golden beech
version/security-patchlevel: 7
version/version: 2.4


#4

Hallo,

um den Verlauf der Anpassungen durch Univention-System-Setup hier nachvollziehen zu können wäre es gut, wenn Sie uns die Datei “/var/log/univention/setup.log” zukommen lassen könnten.

Mit freundlichen Grüßen,
Tim Petersen


#5

Im Anhang finden Sie die Datei (mittlerweile umbenannt nach setup.log.2, da schon länger her).

Bekommen Anhang nicht hochgeladen.

2012-03-10 22:13 running univention-system-setup

executing 09hostname_ox
TEMPLATEDN=
10
Object modified: cn=context10,cn=open-xchange,dc=domain,dc=de
context 10 changed
Object modified: cn=domain.de,cn=domain,cn=mail,dc=domain,dc=de
USERS=oxadmin
mailadmin
ar
...
ohne2
u
user oxadmin in context 10 changed
user mailadmin in context 10 changed
user ar in context 10 changed
Server response:
 OXUser_V2
	at sun.rmi.registry.RegistryImpl.lookup(RegistryImpl.java:106)
	at sun.rmi.registry.RegistryImpl_Skel.dispatch(Unknown Source)
	at sun.rmi.server.UnicastServerRef.oldDispatch(UnicastServerRef.java:386)
	at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:250)
	at sun.rmi.transport.Transport$1.run(Transport.java:159)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.rmi.transport.Transport.serviceCall(Transport.java:155)
	at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:535)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:790)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649)
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
	at java.lang.Thread.run(Thread.java:662)
	at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:255)
	at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:233)
	at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:359)
	at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
	at java.rmi.Naming.lookup(Naming.java:84)
	at com.openexchange.admin.console.user.UserAbstraction.getUserInterface(UserAbstraction.java:3289)
	at com.openexchange.admin.console.user.ChangeCore.commonfunctions(ChangeCore.java:115)
	at com.openexchange.admin.console.user.Change.<init>(Change.java:77)
	at com.openexchange.admin.console.user.Change.main(Change.java:70)

user gch in context 10 could not be changed: 
Server response:
 OXUser_V2
	at sun.rmi.registry.RegistryImpl.lookup(RegistryImpl.java:106)
	at sun.rmi.registry.RegistryImpl_Skel.dispatch(Unknown Source)
	at sun.rmi.server.UnicastServerRef.oldDispatch(UnicastServerRef.java:386)
	at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:250)
	at sun.rmi.transport.Transport$1.run(Transport.java:159)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.rmi.transport.Transport.serviceCall(Transport.java:155)
	at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:535)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:790)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649)
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
	at java.lang.Thread.run(Thread.java:662)
	at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:255)
	at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:233)
	at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:359)
	at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
	at java.rmi.Naming.lookup(Naming.java:84)
	at com.openexchange.admin.console.user.UserAbstraction.getUserInterface(UserAbstraction.java:3289)
	at com.openexchange.admin.console.user.ChangeCore.commonfunctions(ChangeCore.java:115)
	at com.openexchange.admin.console.user.Change.<init>(Change.java:77)
	at com.openexchange.admin.console.user.Change.main(Change.java:70)

user pm in context 10 could not be changed: 
Server response:
 OXUser_V2
	at sun.rmi.registry.RegistryImpl.lookup(RegistryImpl.java:106)
	at sun.rmi.registry.RegistryImpl_Skel.dispatch(Unknown Source)
	at sun.rmi.server.UnicastServerRef.oldDispatch(UnicastServerRef.java:386)
	at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:250)
	at sun.rmi.transport.Transport$1.run(Transport.java:159)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.rmi.transport.Transport.serviceCall(Transport.java:155)
	at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:535)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:790)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649)
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
	at java.lang.Thread.run(Thread.java:662)
	at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:255)
	at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:233)
	at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:359)
	at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
	at java.rmi.Naming.lookup(Naming.java:84)
	at com.openexchange.admin.console.user.UserAbstraction.getUserInterface(UserAbstraction.java:3289)
	at com.openexchange.admin.console.user.ChangeCore.commonfunctions(ChangeCore.java:115)
	at com.openexchange.admin.console.user.Change.<init>(Change.java:77)
	at com.openexchange.admin.console.user.Change.main(Change.java:70)

user azb0150 in context 10 could not be changed: 
Server response:
 OXUser_V2
	at sun.rmi.registry.RegistryImpl.lookup(RegistryImpl.java:106)
	at sun.rmi.registry.RegistryImpl_Skel.dispatch(Unknown Source)
	at sun.rmi.server.UnicastServerRef.oldDispatch(UnicastServerRef.java:386)
	at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:250)
	at sun.rmi.transport.Transport$1.run(Transport.java:159)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.rmi.transport.Transport.serviceCall(Transport.java:155)
	at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:535)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:790)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649)
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
	at java.lang.Thread.run(Thread.java:662)
	at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:255)
	at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:233)
	at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:359)
	at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
	at java.rmi.Naming.lookup(Naming.java:84)
	at com.openexchange.admin.console.user.UserAbstraction.getUserInterface(UserAbstraction.java:3289)
	at com.openexchange.admin.console.user.ChangeCore.commonfunctions(ChangeCore.java:115)
	at com.openexchange.admin.console.user.Change.<init>(Change.java:77)
	at com.openexchange.admin.console.user.Change.main(Change.java:70)

user fz in context 10 could not be changed: 
Server response:
 OXUser_V2
	at sun.rmi.registry.RegistryImpl.lookup(RegistryImpl.java:106)
	at sun.rmi.registry.RegistryImpl_Skel.dispatch(Unknown Source)
	at sun.rmi.server.UnicastServerRef.oldDispatch(UnicastServerRef.java:386)
	at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:250)
	at sun.rmi.transport.Transport$1.run(Transport.java:159)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.rmi.transport.Transport.serviceCall(Transport.java:155)
	at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:535)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:790)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649)
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
	at java.lang.Thread.run(Thread.java:662)
	at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:255)
	at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:233)
	at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:359)
	at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
	at java.rmi.Naming.lookup(Naming.java:84)
	at com.openexchange.admin.console.user.UserAbstraction.getUserInterface(UserAbstraction.java:3289)
	at com.openexchange.admin.console.user.ChangeCore.commonfunctions(ChangeCore.java:115)
	at com.openexchange.admin.console.user.Change.<init>(Change.java:77)
	at com.openexchange.admin.console.user.Change.main(Change.java:70)

user sn in context 10 could not be changed: 
Server response:
 error during JRMP connection establishment; nested exception is: 
	java.net.SocketException: Connection reset
	at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:286)
	at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:184)
	at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:322)
	at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
	at java.rmi.Naming.lookup(Naming.java:84)
	at com.openexchange.admin.console.user.UserAbstraction.getUserInterface(UserAbstraction.java:3289)
	at com.openexchange.admin.console.user.ChangeCore.commonfunctions(ChangeCore.java:115)
	at com.openexchange.admin.console.user.Change.<init>(Change.java:77)
	at com.openexchange.admin.console.user.Change.main(Change.java:70)

user ug in context 10 could not be changed: 
Error: Connection refused to host: localhost; nested exception is: 
	java.net.ConnectException: Connection refused
user wen in context 10 could not be changed: 
Error: Connection refused to host: localhost; nested exception is: 
	java.net.ConnectException: Connection refused
user perspruef in context 10 could not be changed: 
Error: Connection refused to host: localhost; nested exception is: 
	java.net.ConnectException: Connection refused
user fe in context 10 could not be changed: 
Error: Connection refused to host: localhost; nested exception is: 
	java.net.ConnectException: Connection refused
user zentrale in context 10 could not be changed: 
Error: Connection refused to host: localhost; nested exception is: 
	java.net.ConnectException: Connection refused
user he in context 10 could not be changed: 
Server response:
 OXUser_V2
	at sun.rmi.registry.RegistryImpl.lookup(RegistryImpl.java:106)
	at sun.rmi.registry.RegistryImpl_Skel.dispatch(Unknown Source)
	at sun.rmi.server.UnicastServerRef.oldDispatch(UnicastServerRef.java:386)
	at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:250)
	at sun.rmi.transport.Transport$1.run(Transport.java:159)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.rmi.transport.Transport.serviceCall(Transport.java:155)
	at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:535)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:790)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649)
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
	at java.lang.Thread.run(Thread.java:662)
	at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:255)
	at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:233)
	at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:359)
	at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
	at java.rmi.Naming.lookup(Naming.java:84)
	at com.openexchange.admin.console.user.UserAbstraction.getUserInterface(UserAbstraction.java:3289)
	at com.openexchange.admin.console.user.ChangeCore.commonfunctions(ChangeCore.java:115)
	at com.openexchange.admin.console.user.Change.<init>(Change.java:77)
	at com.openexchange.admin.console.user.Change.main(Change.java:70)

user brh in context 10 could not be changed: 
Server response:
 com.openexchange.admin.rmi.exceptions.PoolException: SRV-0001 Category=4 Message=The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later. exceptionID=601456784-2
	at com.openexchange.admin.storage.mysqlStorage.OXToolMySQLStorage.selectwithint(OXToolMySQLStorage.java:1809)
	at com.openexchange.admin.storage.mysqlStorage.OXToolMySQLStorage.existsContext(OXToolMySQLStorage.java:192)
	at com.openexchange.admin.rmi.impl.BasicAuthenticator.doAuthentication(BasicAuthenticator.java:184)
	at com.openexchange.admin.rmi.impl.OXUser.getModuleAccess(OXUser.java:953)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:305)
	at sun.rmi.transport.Transport$1.run(Transport.java:159)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.rmi.transport.Transport.serviceCall(Transport.java:155)
	at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:535)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:790)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649)
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
	at java.lang.Thread.run(Thread.java:662)
	at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:255)
	at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:233)
	at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:142)
	at java.rmi.server.RemoteObjectInvocationHandler.invokeRemoteMethod(RemoteObjectInvocationHandler.java:178)
	at java.rmi.server.RemoteObjectInvocationHandler.invoke(RemoteObjectInvocationHandler.java:132)
	at $Proxy0.getModuleAccess(Unknown Source)
	at com.openexchange.admin.console.user.ChangeCore.commonfunctions(ChangeCore.java:128)
	at com.openexchange.admin.console.user.Change.<init>(Change.java:77)
	at com.openexchange.admin.console.user.Change.main(Change.java:70)

user zn in context 10 could not be changed: 
Server response:
 com.openexchange.admin.rmi.exceptions.PoolException: SRV-0001 Category=4 Message=The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later. exceptionID=601456784-6
	at com.openexchange.admin.storage.mysqlStorage.OXToolMySQLStorage.selectwithint(OXToolMySQLStorage.java:1809)
	at com.openexchange.admin.storage.mysqlStorage.OXToolMySQLStorage.existsContext(OXToolMySQLStorage.java:192)
	at com.openexchange.admin.rmi.impl.BasicAuthenticator.doAuthentication(BasicAuthenticator.java:184)
	at com.openexchange.admin.rmi.impl.OXUser.getModuleAccess(OXUser.java:953)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:305)
	at sun.rmi.transport.Transport$1.run(Transport.java:159)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.rmi.transport.Transport.serviceCall(Transport.java:155)
	at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:535)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:790)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649)
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
	at java.lang.Thread.run(Thread.java:662)
	at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:255)
	at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:233)
	at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:142)
	at java.rmi.server.RemoteObjectInvocationHandler.invokeRemoteMethod(RemoteObjectInvocationHandler.java:178)
	at java.rmi.server.RemoteObjectInvocationHandler.invoke(RemoteObjectInvocationHandler.java:132)
	at $Proxy0.getModuleAccess(Unknown Source)
	at com.openexchange.admin.console.user.ChangeCore.commonfunctions(ChangeCore.java:128)
	at com.openexchange.admin.console.user.Change.<init>(Change.java:77)
	at com.openexchange.admin.console.user.Change.main(Change.java:70)

user all in context 10 could not be changed: 
Server response:
 com.openexchange.admin.rmi.exceptions.PoolException: SRV-0001 Category=4 Message=The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later. exceptionID=601456784-10
	at com.openexchange.admin.storage.mysqlStorage.OXToolMySQLStorage.selectwithint(OXToolMySQLStorage.java:1809)
	at com.openexchange.admin.storage.mysqlStorage.OXToolMySQLStorage.existsContext(OXToolMySQLStorage.java:192)
	at com.openexchange.admin.rmi.impl.BasicAuthenticator.doAuthentication(BasicAuthenticator.java:184)
	at com.openexchange.admin.rmi.impl.OXUser.getModuleAccess(OXUser.java:953)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:305)
	at sun.rmi.transport.Transport$1.run(Transport.java:159)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.rmi.transport.Transport.serviceCall(Transport.java:155)
	at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:535)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:790)
	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649)
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
	at java.lang.Thread.run(Thread.java:662)
	at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:255)
	at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:233)
	at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:142)
	at java.rmi.server.RemoteObjectInvocationHandler.invokeRemoteMethod(RemoteObjectInvocationHandler.java:178)
	at java.rmi.server.RemoteObjectInvocationHandler.invoke(RemoteObjectInvocationHandler.java:132)
	at $Proxy0.getModuleAccess(Unknown Source)
	at com.openexchange.admin.console.user.ChangeCore.commonfunctions(ChangeCore.java:128)
	at com.openexchange.admin.console.user.Change.<init>(Change.java:77)
	at com.openexchange.admin.console.user.Change.main(Change.java:70)

user uhe in context 10 changed
user br in context 10 changed
user gr in context 10 changed
...
user ohne2 in context 10 changed
user u in context 10 changed
context 10 changed
Object modified: cn=domain.com,cn=domain,cn=mail,dc=domain,dc=de
USERS=
 * Stopping NSCD
.
Stopping Heimdal password server: kpasswdd.
Stopping Heimdal KDC: heimdal-kdc.
 * Stopping univention-directory-notifier daemon: 
ok: down: univention-directory-notifier: 0s
   ...done.
Sa 10. Mär 22:21:33 CET 2012 : Configure hostname in LDAP :  ox4ucs24
Traceback (most recent call last):
  File "/usr/share/univention-directory-manager-tools/univention-cli-server", line 233, in doit
    output = univention.admincli.admin.doit(arglist)
  File "/usr/lib/python2.4/site-packages/univention/admincli/admin.py", line 916, in doit
    dn=object.modify()
  File "/usr/lib/python2.4/site-packages/univention/admin/handlers/__init__.py", line 318, in modify
    return self._modify(modify_childs,ignore_license=ignore_license)
  File "/usr/lib/python2.4/site-packages/univention/admin/handlers/__init__.py", line 802, in _modify
    self._ldap_post_modify()
  File "/usr/lib/python2.4/site-packages/univention/admin/handlers/computers/domaincontroller_master.py", line 580, in _ldap_post_modify
    univention.admin.handlers.simpleComputer._ldap_post_modify( self )
  File "/usr/lib/python2.4/site-packages/univention/admin/handlers/__init__.py", line 1739, in _ldap_post_modify
    self.__rename_dns_object( position = None, old_name = self.__changes[ 'name' ][ 0 ], new_name = self.__changes[ 'name' ][ 1 ] )
  File "/usr/lib/python2.4/site-packages/univention/admin/handlers/__init__.py", line 1273, in __rename_dns_object
    results = self.lo.searchdn( base = dnsaliaszonecontainer, scope = 'domain', filter = 'relativedomainname=%s' % alias, unique = 0 )
AttributeError: access instance has no attribute 'searchdn'
Sa 10. Mär 22:21:33 CET 2012 : Configure hostname for groupware account in LDAP:  ox4ucs24.domain.de
Rename Result: No such object (32)
Matched DN: cn=templates,cn=univention,dc=domain,dc=de
Changing cn=UNIVENTION_PING,cn=nagios,dc=domain,dc=de
Changing cn=UNIVENTION_DISK_ROOT,cn=nagios,dc=domain,dc=de
Changing cn=UNIVENTION_DNS,cn=nagios,dc=domain,dc=de
Changing cn=UNIVENTION_LDAP,cn=nagios,dc=domain,dc=de
Changing cn=UNIVENTION_NTP,cn=nagios,dc=domain,dc=de
Changing cn=UNIVENTION_SMTP,cn=nagios,dc=domain,dc=de
Changing cn=UNIVENTION_SSL,cn=nagios,dc=domain,dc=de
Changing cn=UNIVENTION_REPLICATION,cn=nagios,dc=domain,dc=de
Changing cn=UNIVENTION_NSCD,cn=nagios,dc=domain,dc=de
Changing cn=UNIVENTION_KPASSWDD,cn=nagios,dc=domain,dc=de
Changing cn=UNIVENTION_JOINSTATUS,cn=nagios,dc=domain,dc=de
Changing cn=UNIVENTION_CUPS,cn=nagios,dc=domain,dc=de
new_hostdn=cn=ox4ucs24,cn=dc,cn=computers,dc=domain,dc=de
Sa 10. Mär 22:21:34 CET 2012 : Configure  host DN in baseconfig :  cn=ox4ucs24,cn=dc,cn=computers,dc=domain,dc=de
Setting ldap/hostdn
File: /etc/cron.d/univention-directory-policy
File: /etc/runit/univention-directory-listener/run
Sa 10. Mär 22:21:34 CET 2012 : Configure  hostname in baseconfig :  ox4ucs24
sys:1: DeprecationWarning: Non-ASCII character '\xc3' in file <stdin> on line 11, but no encoding declared; see http://www.python.org/peps/pep-0263.html for details
Setting hostname
Multifile: /etc/ldap/slapd.conf
Multifile: /etc/postfix/master.cf
Multifile: /etc/postfix/main.cf
File: /etc/apache2/sites-available/default
File: /etc/apache2/mods-available/ssl.conf
File: /etc/hostname
Multifile: /etc/hosts
File: /etc/mailname
File: /etc/postfix/transport
Multifile: /var/www/ucs-overview/de.html
Multifile: /var/www/ucs-overview/en.html
File: /etc/imapd/imapd.conf
File: /etc/imapd/pam_ldap_imap.conf
File: /etc/amavis/conf.d/60-univention
File: /etc/procmailrc
File: /opt/open-xchange/etc/groupware/usm.properties
File: /etc/cups/cupsd.conf
Sa 10. Mär 22:21:38 CET 2012 : Configure  mail alias for root user in baseconfig :  oxadmin@domain.de
Setting mail/alias/root
File: /etc/aliases
Sa 10. Mär 22:21:38 CET 2012 : Configure  Kerberos key distribution center in baseconfig :  ox4ucs23.domain.de
Setting kerberos/kdc
File: /etc/krb5.conf
Sa 10. Mär 22:21:39 CET 2012 : Configure  Kerberos admin server in baseconfig :  ox4ucs23.domain.de
Setting kerberos/adminserver
File: /etc/krb5.conf
Sa 10. Mär 22:21:39 CET 2012 : Configure  CUPS print server in baseconfig :  ox4ucs23.domain.de
Setting cups/server
File: /etc/cups/client.conf
Multifile: /etc/samba/smb.conf
Sa 10. Mär 22:21:40 CET 2012 : Configure LDAP master in baseconfig :  ox4ucs23.domain.de
sys:1: DeprecationWarning: Non-ASCII character '\xc3' in file <stdin> on line 11, but no encoding declared; see http://www.python.org/peps/pep-0263.html for details
Setting ldap/master
Multifile: /etc/ldap/slapd.conf
File: /etc/ntp.conf
File: /etc/default/ntpdate
Multifile: /var/www/ucs-overview/de.html
Multifile: /var/www/ucs-overview/en.html
File: /etc/nagios/nrpe.cfg
Sa 10. Mär 22:21:42 CET 2012 : Configure LDAP name  in baseconfig : 
Sa 10. Mär 22:21:42 CET 2012 : Configure LDAP server name  in baseconfig :  ox4ucs23.domain.de
Setting ldap/server/name
Multifile: /etc/postfix/master.cf
Multifile: /etc/postfix/main.cf
File: /etc/pam.d/smtp
File: /etc/postfix/sasl/pam_ldap_smtp.conf
File: /etc/krb5.conf
File: /etc/pam_ldap_imap.conf
File: /etc/pam.d/imap
File: /etc/pam.d/sieve
File: /etc/imapd/imapd.conf
File: /etc/imapd/pam_ldap_imap.conf
File: /etc/pam.d/imap
File: /etc/pam.d/pop
File: /etc/pam.d/sieve
File: /etc/pam.d/pop
File: /etc/libnss-ldap.conf
File: /etc/pam_ldap.conf
File: /etc/ldap/ldap.conf
File: /etc/dhcp3/dhcpd.conf
File: /etc/cups/client.conf
File: /opt/open-xchange/etc/authplugin.properties
Multifile: /etc/samba/smb.conf
File: /etc/pam.d/pop
Sa 10. Mär 22:21:45 CET 2012 : Configure server for Samba home directories  in baseconfig :  ox4ucs23
Setting samba/homedirserver
Multifile: /etc/samba/smb.conf
Sa 10. Mär 22:21:46 CET 2012 : Configure server for Samba profiles  in baseconfig :  ox4ucs23
Setting samba/profileserver
Multifile: /etc/samba/smb.conf
Sa 10. Mär 22:21:46 CET 2012 : Configure online repository server  in baseconfig :  apt.univention.de
Sa 10. Mär 22:21:46 CET 2012 : Configure mirror repository server  in baseconfig : 
Sa 10. Mär 22:21:46 CET 2012 : Configure permitted mail hosts for Postfix in baseconfig :  ox4ucs23.domain.de
Setting postfix/permithosts
Multifile: /etc/postfix/master.cf
Sa 10. Mär 22:21:47 CET 2012 : Configure apt source for new hostname :  ox4ucs24
Sa 10. Mär 22:21:47 CET 2012 : Configure host name in /etc/group :  ox4ucs24
Sa 10. Mär 22:21:47 CET 2012 : Configure host name in /etc/gshadow :  ox4ucs24
Sa 10. Mär 22:21:47 CET 2012 : Configure cups admin e-mail address in baseconfig :  root@domain.de
Setting cups/admin
File: /etc/cups/cupsd.conf
Sa 10. Mär 22:21:47 CET 2012 : Configure cups quota admin e-mail address in baseconfig : 
Sa 10. Mär 22:21:47 CET 2012 : Configure e-mail alias for root in baseconfig :  oxadmin@domain.de
Setting mail/alias/root
File: /etc/aliases
Sa 10. Mär 22:21:48 CET 2012 : Configure e-mail globalfolder for spam in baseconfig :  spam@domain.de
Setting mail/antispam/globalfolder
File: /var/spool/sieve/global.sieve
Sa 10. Mär 22:21:48 CET 2012 : Configure the mail cyrus caluser in baseconfig : 
Sa 10. Mär 22:21:48 CET 2012 : Configure the mail cyrus admins in baseconfig : 
Sa 10. Mär 22:21:48 CET 2012 : Configure the virus admin email address in baseconfig : 
Sa 10. Mär 22:21:48 CET 2012 : Configure the ssl email address in baseconfig :  ssl@domain.de
Setting ssl/email
Sa 10. Mär 22:21:48 CET 2012 : Commit changes to file managed by baseconfig
File: /etc/libnss-ldap.conf
File: /etc/pam_ldap.conf
File: /etc/ldap/ldap.conf
File: /etc/dhcp3/dhcpd.conf
Multifile: /etc/samba/smb.conf
Creating certificate: ox4ucs24.domain.de
Generating RSA private key, 1024 bit long modulus
........................................................................................................................++++++
.......................................++++++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [DE]:State or Province Name (full name) [Deutschland]:Locality Name (eg, city) [Bremen]:Organization Name (eg, company) [domain GmbH]:Organizational Unit Name (eg, section) [EDV]:Common Name (eg, YOUR name) [ox4ucs24.domain.de]:Email Address [ssl@domain.de]:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:An optional company name [Univention GmbH]:yes: Standardausgabe: Datenübergabe unterbrochen (broken pipe)
yes: Schreibfehler
Using configuration from openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName           :PRINTABLE:'DE'
stateOrProvinceName   :PRINTABLE:'Deutschland'
localityName          :PRINTABLE:'Bremen'
organizationName      :PRINTABLE:'domain GmbH'
organizationalUnitName:PRINTABLE:'EDV'
commonName            :PRINTABLE:'ox4ucs24.domain.de'
emailAddress          :IA5STRING:'ssl@domain.de'
Certificate is to be certified until Mar  9 21:21:50 2017 GMT (1825 days)

Write out database with 1 new entries
Data Base Updated
Sa 10. Mär 22:21:50 CET 2012 : Create new host certificate
Sa 10. Mär 22:21:50 CET 2012 : Include new host certificate for Cyrus
Sa 10. Mär 22:21:50 CET 2012 : Restart LDAP server
 * Stopping ldap server(s): slapd
   ...done.
Check database: done
   * Starting ldap server(s): slapd
.
 * Starting NSCD
.
Starting Heimdal KDC: heimdal-kdc.
Starting Heimdal password server: kpasswdd.
Sa 10. Mär 22:21:56 CET 2012 : Setting new hostname into effect for Kerberos
kadmin: ext host/ox4ucs24.domain.de@domain.DE: Principal does not exist
kadmin: ext ldap/ox4ucs24.domain.de@domain.DE: Principal does not exist
Sa 10. Mär 22:21:57 CET 2012 : Configure DNS service record location : 0 0 389 ox4ucs24.domain.de.
Object modified: relativeDomainName=_ldap._tcp,zoneName=domain.de,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:21:57 CET 2012 : Configure DNS service record location : 0 0 0 ox4ucs24.domain.de.
Object modified: relativeDomainName=_domaincontroller_master._tcp,zoneName=domain.de,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:21:57 CET 2012 : Configure DNS service record location : 0 0 88 ox4ucs24.domain.de.
Object modified: relativeDomainName=_kerberos._tcp,zoneName=domain.de,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:21:57 CET 2012 : Configure DNS service record location : 0 0 88 ox4ucs24.domain.de.
Object modified: relativeDomainName=_kerberos._udp,zoneName=domain.de,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:21:57 CET 2012 : Configure DNS service record location : 0 0 88 ox4ucs24.domain.de.
Object modified: relativeDomainName=_kerberos-adm._tcp,zoneName=domain.de,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:21:58 CET 2012 : Configure DNS service record location : 0 0 5432 ox4ucs24.domain.de.
Object modified: relativeDomainName=_pkgdb._tcp,zoneName=domain.de,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:21:58 CET 2012 : Configure DNS alias : ox4ucs24
Object modified: relativeDomainName=univention-directory-manager,zoneName=domain.de,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:21:58 CET 2012 : Change DNS forward zone :
Sa 10. Mär 22:21:58 CET 2012 : Remove DNS zone entry : ox4ucs23.domain.de.
Sa 10. Mär 22:21:58 CET 2012 : Add DNS zone entry : ox4ucs24.domain.de.
Object modified: zoneName=domain.de,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:21:58 CET 2012 : Change DNS forward zone :
Sa 10. Mär 22:21:58 CET 2012 : Remove DNS zone entry : ox4ucs23.domain.de.
Sa 10. Mär 22:21:58 CET 2012 : Add DNS zone entry : ox4ucs24.domain.de.
Object modified: zoneName=media.domain.de,cn=subdomains,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:02 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=98.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:02 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=100.9.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:02 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=200.9.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:02 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=211.9.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:02 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=221.9.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:02 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=0.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:02 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=1.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:03 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=105.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:03 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=10.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:03 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=11.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:03 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=31.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:03 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=107.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:03 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=110.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:03 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=140.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:03 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=170.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:03 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=253.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:03 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=10.168.10.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:03 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=9.168.10.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:03 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=254.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:04 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=9.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:04 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=6.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:04 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=191.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:04 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=192.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:04 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=8.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:04 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=5.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:04 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=99.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:04 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=180.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:04 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=171.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:04 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=41.168.192.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:04 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=0.17.172.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:04 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=1.100.10.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:04 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=1.101.10.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:05 CET 2012 : Configure DNS reverse entry (PTR record) : ox4ucs24.domain.de.
Object modified: zoneName=1.200.10.in-addr.arpa,cn=dns,dc=domain,dc=de
Sa 10. Mär 22:22:05 CET 2012 : Configure DHCP server : ox4ucs24
Object modified: cn=ox4ucs23,cn=domain.de,cn=dhcp,dc=domain,dc=de
Sa 10. Mär 22:22:05 CET 2012 : Configure admin attribute fileServer : ox4ucs24.domain.de
WARNING: cannot remove ox4ucs23 from fileServer, value does not exist
Object modified: cn=default-settings,cn=thinclient,cn=policies,dc=domain,dc=de
Object modified: cn=ucs-repository,cn=ox4ucs23.domain.de,cn=shares,dc=domain,dc=de
Object modified: cn=MACMon-autoimport,cn=shares,dc=domain,dc=de
Object modified: cn=pdfPrinterShare,cn=shares,dc=domain,dc=de
Sa 10. Mär 22:22:07 CET 2012 : Configure admin attribute spoolHost : ox4ucs24.domain.de
WARNING: cannot remove ox4ucs23 from spoolHost, value does not exist
Object modified: cn=tst,cn=printers,dc=domain,dc=de
Object modified: dc=domain,dc=de
Sa 10. Mär 22:22:07 CET 2012 : Create share container for LDAP base  dc=domain,dc=de : ox4ucs24.domain.de
Object created: cn=ox4ucs24.domain.de,cn=shares,dc=domain,dc=de
Sa 10. Mär 22:22:08 CET 2012 : Move share container : cn=ox4ucs24.domain.de,cn=shares,dc=domain,dc=de
Object modified: cn=ucs-repository,cn=ox4ucs23.domain.de,cn=shares,dc=domain,dc=de
Sa 10. Mär 22:22:08 CET 2012 : Remove container : cn=ox4ucs23.domain.de,cn=shares,dc=domain,dc=de
Object removed: cn=ox4ucs23.domain.de,cn=shares,dc=domain,dc=de
 * Starting Univention Directory Notifier daemon
ok: run: univention-directory-notifier: (pid 31807) 0s, normally down
   ...done.
 * Stopping univention-bind daemon:
   ...done.
 * Stopping univention-bind-proxy daemon: 
   ...done.
Stopping Heimdal password server: kpasswdd.
Stopping Heimdal KDC: heimdal-kdc.
 * Starting univention-bind daemon:
   ...done.
 * Starting univention-bind-proxy daemon:
   ...done.
Starting Heimdal KDC: heimdal-kdc.
Starting Heimdal password server: kpasswdd.
 * Reloading Postfix configuration
   ...done.
Setting stored password for "cn=admin,dc=domain,dc=de" in secrets.tdb
 * Stopping Samba daemons: nmbd
 * Stopping Samba daemons: smbd
   ...done.
 * Starting Samba daemons: nmbd
 * Starting Samba daemons: smbd
   ...done.
 * Stopping univention-directory-listener daemon
   ...done.
 * Starting univention-directory-listener daemon
   ...done.

#6

Hallo,

Um hier den Principal auf Ihrem Testsystem zu korrigieren ist es vermutlich ausreichend, diesen mit einem LDAP-Editor anzupassen und im Anschluss über den UDM-Cli das Maschinenpasswort neu zu setzen.
Hierzu gern beispielhaft ein UDM-Aufruf:

udm computers/domaincontroller_master modify --dn cn=master,cn=dc,cn=computers,dc=domain,dc=local --set password=$(cat /etc/machine.secret)

Dieses Verhalten wurde zu UCS 3.0 behoben.

Mit freundlichen Grüßen,
Tim Petersen


#7

LDAP-Änderungen vorgenommen. In slapcat-Ausgabe ist kein ox4ucs23 mehr auffindbar.
Ausführung des Befehls ergibt aber weiteren TraceBack.

root@ox4ucs24:~# udm computers/domaincontroller_master modify --dn cn=master,cn= dc,cn=computers,dc=domain,dc=de --set password=$(cat /etc/machine.secret) Traceback (most recent call last): File "/usr/share/univention-directory-manager-tools/univention-cli-server", line 233, in doit output = univention.admincli.admin.doit(arglist) File "/usr/lib/python2.4/site-packages/univention/admincli/admin.py", line 860, in doit object.open() File "/usr/lib/python2.4/site-packages/univention/admin/handlers/computers/dom aincontroller_master.py", line 439, in open self['primaryGroup']=None File "/usr/lib/python2.4/site-packages/univention/admin/handlers/__init__.py", line 2305, in __setitem__ super(simpleComputer, self).__setitem__(key, value) File "/usr/lib/python2.4/site-packages/univention/admin/handlers/__init__.py", line 192, in __setitem__ raise univention.admin.uexceptions.valueRequired, _('The property %s is required') % self.descriptions[key].short_description valueRequired: The property Primary group is required

Unten gleich ein LDIF-Export des Knotens:

dn: cn=ox4ucs24,cn=dc,cn=computers,dc=domain,dc=de univentionServerRole: master aRecord: 192.168.98.16 loginShell: /bin/sh uidNumber: 2001 krb5KDCFlags: 126 krb5MaxRenew: 604800 homeDirectory: /dev/null krb5MaxLife: 86400 associatedDomain: domain.de gidNumber: 5005 univentionNagiosEnabled: 1 univentionService: ox univentionService: Software Monitor seeAlso: cn=DC Slave Hosts,cn=groups,dc=domain,dc=de seeAlso: cn=DC Backup Hosts,cn=groups,dc=domain,dc=de seeAlso: cn=Windows Hosts,cn=groups,dc=domain,dc=de seeAlso: cn=Computers,cn=groups,dc=domain,dc=de sambaSID: S-1-5-21-3337506086-3871218678-1542260769-5002 sambaAcctFlags: [S ] macAddress: 00:0c:29:6a:df:4b objectClass: top objectClass: person objectClass: univentionHost objectClass: univentionDomainController objectClass: krb5Principal objectClass: krb5KDCEntry objectClass: posixAccount objectClass: shadowAccount objectClass: univentionNagiosHostClass objectClass: sambaSamAccount objectClass: domainHost description: DC Master (Testsystem) sambaLMPassword: CDB76F2AC8C506460A530785788AB89F sambaNTPassword: 7D406C608BFB0836873A2B6737C43124 sambaPwdLastSet: 1316455866 sn: ox4ucs24 cn: ox4ucs24 uid: ox4ucs24$ displayName: ox4ucs24 krb5Key:: MC2hKzApoAMCARKhIgQgN53cDs0cN4pRI0d4T+czvlIx8UK40ce4u+cKAO+A7BA= krb5Key:: MB2hGzAZoAMCARGhEgQQ5khX3hpEtzjcnYyxDL6W3Q== krb5Key:: MCWhIzAhoAMCARChGgQYecjB6m7pnoUEWIXWufQaoY+htTvWv6L9 krb5Key:: MCWhIzAhoAMCAQWhGgQYZxk4mN8TxEBU0NOKGtaYpJdUVM3Og22Y krb5Key:: MB2hGzAZoAMCARehEgQQ+Z+n63iYc0GSQQPeeZxo1Q== krb5Key:: MBWhEzARoAMCAQOhCgQIFfjy8lL0kj0= krb5Key:: MBWhEzARoAMCAQKhCgQIFfjy8lL0kj0= krb5Key:: MBWhEzARoAMCAQGhCgQIFfjy8lL0kj0= krb5KeyVersionNumber: 33 userPassword: {crypt}$1$g9VdAeDb$2AoSOslJsE7G5KQLH6l2F. krb5PrincipalName: host/ox4ucs24.domain.de@DOMAIN.DE


#8

Hallo,

eventuell habe ich mich missverständlich ausgedrückt - für den UDM-Cli Aufruf muss selbstverständlich die DN des Masters übergeben werden.

[quote=“saacke”]LDAP-Änderungen vorgenommen. In slapcat-Ausgabe ist kein ox4ucs23 mehr auffindbar.
Ausführung des Befehls ergibt aber weiteren TraceBack.

root@ox4ucs24:~# udm computers/domaincontroller_master modify --dn cn=master,cn=dc,cn=computers,dc=domain,dc=de --set password=$(cat /etc/machine.secret) .....
Unten gleich ein LDIF-Export des Knotens:

dn: cn=ox4ucs24,cn=dc,cn=computers,dc=domain,dc=de ..... [/quote]
Der korrekte Aufruf müsste folglich folgendermaßen lauten:

udm computers/domaincontroller_master modify --dn cn=ox4ucs23,cn=dc,cn=computers,dc=domain,dc=de --set password=$(cat /etc/machine.secret)

Mit freundlichen Grüßen,
Tim Petersen


#9

Mit ox4ucs24 statt ox4ucs23 geht’s dann tatsächlich.
Hatte “master” übersehen (Vielleicht solche variablen Angaben als kennzeichnen).
Traceback ist aber auf jeden Fall unschön.

root@ox4ucs24:/tmp# udm computers/domaincontroller_master modify --dn cn=ox4ucs24,cn=dc,cn=computers,dc=domain,dc=de --set password=$(cat /etc/machine.secret) Object modified: cn=ox4ucs24,cn=dc,cn=computers,dc=saacke,dc=de

Danach Neustart -> root-Anmeldung ist möglich.

Nach Anmeldung an die Web-GUI von UDM erschien der Hinweis
“Das Zertifikat der Zertifizierungsstelle (Root CA) läuft in 25 Tagen ab”
aber das mag auch korrekt sein.

Das sollte es erst einmal gewesen sein. Danke für die Hilfe.