Univention Domain join failed after upgrade from UCS 4.8. to 5.0

Hi, after upgrading my UCS 4.8 to 5.0 i’m not able any more to join linux clients to the domain.

the error is:
“The domain join failed: get admin DN failed with: b’ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)\n\tadditional info: SASL(-1): generic failure: GSSAPI Error: No credentials were supplied, or the credentials were unavailable or inaccessible. (unknown mech-code 0 for mech unknown)\n’ For further information look at univention-domain-join-gui.log in the user home directory”

With the windows clients the join is succesfull but after the join i can’t find the clients in the ldap tree.
I have managed to find the client with this command
“univention-s4search | grep Computername”
but with univention-ldapsearch or ldapsearch the client could not be found.

Thanks in advance.
Ramazan

Then you should check the connector:

good morning SirTux,
thank you for your reply.
I have followed the steps in that document.
At the end i have this rejected item now and nothing has changed and the item appears at the next sync.

"univention-s4connector-list-rejected
UCS rejected
S4 rejected
1: S4 DN: CN=Administrator,CN=Users,DC=domain,DC=de
UCS DN:
last synced USN: 0
"
In the logfile /var/log/univention/connector-s4.log is this entry.
LDAP (INFO ): Lost connection to the LDAP server. Trying to reconnect …

the log file univention/connector-s4-status.log shows the error.
" s4.init_group_cache()
File “/usr/lib/python3/dist-packages/univention/s4connector/s4/init.py”, line 648, in init_group_cache
for ucs_group in self.search_ucs(filter=‘objectClass=univentionGroup’, attr=[‘uniqueMember’]):
File “/usr/lib/python3/dist-packages/univention/s4connector/init.py”, line 545, in search_ucs
result = self.lo.search(filter=filter, base=base, scope=scope, attr=attr, unique=unique, required=required, timeout=timeout, sizelimit=sizelimit)
File “/usr/lib/python3/dist-packages/univention/admin/uldap.py”, line 683, in search
raise univention.admin.uexceptions.ldapError(_err2str(msg), original_exception=msg)
univention.admin.uexceptions.ldapError: Insufficient access"

Hi,
after explicitly setting the variables in the registry,
connector/ldap/binddn: dn=admin,dc=domain,dc=de
connector/ldap/bindpw: /etc/ldap.secret
connector/ldap/port: 7389
the synchronization now works.

Unfortunately I still can’t join a client to the domain.

The error message is the same.
“The domain join failed: get admin DN failed with: b’ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)\n\tadditional info: SASL(-1): generic failure: GSSAPI Error: No credentials were supplied, or the credentials were unavailable or inaccessible. (unknown mech-code 0 for mech unknown)\n’ For further information look at univention-domain-join-gui.log in the user home directory”