Univention-Join Fails: File still in use: /var/lib/univention-directory-replication/failed.ldif

german
ucs-4
join

#1

Hallo,

ich habe zwei UCS Installationen (Master, Slave).
Vor ein paar Tagen ist mir aufgefallen, dass der Slave nicht mehr über die letzten Änderungen von User-Settings im LDAP verfügt. Ich habe dann herausgefunden, dass ein “failed.ldif” existiert und die Anweisungen von http://sdb.univention.de/content/14/292/en/what-to-do-if-a-failedldif-is-found.html befolgt.

Das hat alles nichts geholfen, also habe ich versucht den Server neu zu joinen. Leider ohne erfolg. Auch hier kam die Meldung mit dem failed.ldif.
Ich habe zwischenzeitlich auch mal versucht, das Server im PDC zu löschen per
udm computers/domaincontroller_slave remove --dn="cn=ucs2,cn=dc,cn=computers,dc=intranet,dc=tobiaslorentz,dc=de"
Dies hat aber an den Fehlern nichts geändert. Der Join läuft bis zum zweiten Join-Script:

root@ucs2:~# univention-join
univention-join: joins a computer to an ucs domain
copyright (c) 2001-2017 Univention GmbH, Germany

Enter DC Master Account : Administrator
Enter DC Master Password: 

Search DC Master:                                          done
Check DC Master:                                           done
Stop S4-Connector:                                         done
Stop LDAP Server:                                          done
Stop Samba Server:                                         done
Search ldap/base                                           done
Start LDAP Server:                                         done
Search LDAP binddn                                         done
Sync time:                                                 done
Join Computer Account:                                     done
Stopping univention-directory-listener daemon:  done
Sync ldap-backup.secret:                                   done
Check TLS connection:                                      done
Download host certificate: .                               done
Restart LDAP Server:                                       done
Sync Kerberos settings:                                    done
Not updating kerberos/adminserver
Configure 01univention-ldap-server-init.inst               done
Configure 03univention-directory-listener.inst             done


**************************************************************************
* Join failed!                                                           *
* Contact your system administrator                                      *
**************************************************************************
* Message:  FAILED: failed.ldif exists.
**************************************************************************

In der /var/log/univention/listener.log steht dann folgendes drin:

Try to sync changes stored in /var/lib/univention-directory-replication/failed.ldif into local LDAP
                     BEN.        PID ZUGR.  BEFEHL
/var/lib/univention-directory-replication/failed.ldif:
                     root      22900 F.... univention-dire
File still in use: /var/lib/univention-directory-replication/failed.ldif
Try to sync changes stored in /var/lib/univention-directory-replication/failed.ldif into local LDAP
                     BEN.        PID ZUGR.  BEFEHL
/var/lib/univention-directory-replication/failed.ldif:
                     root      22900 F.... univention-dire
File still in use: /var/lib/univention-directory-replication/failed.ldif
Try to sync changes stored in /var/lib/univention-directory-replication/failed.ldif into local LDAP
                     BEN.        PID ZUGR.  BEFEHL
/var/lib/univention-directory-replication/failed.ldif:
                     nagios    23773 F.... nrpe
File still in use: /var/lib/univention-directory-replication/failed.ldif
02.04.17 12:15:47.712  DEBUG_INIT
UNIVENTION_DEBUG_BEGIN  : uldap.__open host=ucs.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
UNIVENTION_DEBUG_END    : uldap.__open host=ucs.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de

Mich wunder hier das “File still in use”. Daher habe ich den Server neugstartet, hat aber nichts geändert.

In der failed.ldif scheint der komplette Inhalt der LDAP zu stehen. Als ersten Eintrag steht da der “dns-ucs2” (ucs2 ist der Hostname) Eintrag:

dn: uid=dns-ucs2,cn=users,dc=intranet,dc=tobiaslorentz,dc=de
changetype: add
kopanoAccount: 0
uid: dns-ucs2
krb5PrincipalName: dns-ucs2@INTRANET.TOBIASLORENTZ.DE
objectClass: krb5KDCEntry
objectClass: krb5Principal
objectClass: ast4ucsUser
objectClass: univentionFetchmail
objectClass: automount
objectClass: nextcloudUser
objectClass: top
objectClass: univentionSAMLEnabled
objectClass: sambaSamAccount
objectClass: person
objectClass: univentionPWHistory
objectClass: univentionMail
objectClass: univentionObject
objectClass: shadowAccount
objectClass: univentionFreeAttributes
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: posixAccount
objectClass: kopano-user
uidNumber: 2046
sambaAcctFlags: [U          ]
sambaPasswordHistory: [....]
kopanoAdmin: 0
entryUUID: e8dbd954-a5e0-1036-96c8-99a9b3499ddc
structuralObjectClass: inetOrgPerson
krb5MaxLife: 86400
shadowLastChange: 17250
cn: none
creatorsName: cn=admin,dc=intranet,dc=tobiaslorentz,dc=de
krb5Key:: MB2hGzAZoAMCARehEgQQj+p50LAcZ83m7CKyHBkUcw==
krb5Key:: MEOhEzARoAMCAQOhCgQIhmcZwY+MvOWiLDAqoAMCAQOhIwQhSU
 5UUkFORVQuVE9CSUFTTE9SRU5UWi5ERWRucy11Y3My
krb5Key:: MEOhEzARoAMCAQGhCgQIhmcZwY+MvOWiLDAqoAMCAQOhIwQhSU
 5UUkFORVQuVE9CSUFTTE9SRU5UWi5ERWRucy11Y3My
krb5MaxRenew: 604800
createTimestamp: 20170325195641Z
krb5KeyVersionNumber: 2
nextcloudEnabled: 1
loginShell: /bin/bash
univentionObjectType: users/user
krb5KDCFlags: 126
gidNumber: 5001
kopano4ucsRole: none
entryCSN: 20170326175923.478963Z#000000#000#000000
sambaPwdLastSet: 1490471396
sambaPrimaryGroupSID: S-1-5-21-1212620523-3129351964-3415023
 209-513
sambaNTPassword:[....]
modifyTimestamp: 20170326175923Z
displayName: none
memberOf: cn=domain users,cn=groups,dc=intranet,dc=tobiaslor
 entz,dc=de
modifiersName: uid=tobias,cn=users,dc=intranet,dc=tobiaslore
 ntz,dc=de
sambaSID: S-1-5-21-1212620523-3129351964-3415023209-2105
kopanoSharedStoreOnly: 0
gecos: none
sn: none
pwhistory: $6$rZ0NQ43y/ZJe4gBc$ey7enAYwiik68KxSLacjngFSa4V3w
 vWTh64zo1nxXbsumTvmBxlCQHyfn1Q21xjqUg4FTLU6cSi63ENDkZBvN0
homeDirectory: /home/dns-ucs2
univentionFetchmailProtocol: IMAP
userPassword: [....]

Schon mal vielen Dank für die Unterstützung!

Tobias Lorentz


#2

Hier noch der Inhalt des join.log Teil 1 (ist zu lang für einen Post):

Sun Apr  2 12:12:19 CEST 2017: starting /usr/sbin/univention-join 
running version check
OK: UCS version on ucs.intranet.tobiaslorentz.de is higher or equal (4.14) to the local version (4.14).
Stopping univention-s4-connector daemon.
failed.
Stopping ldap server(s): slapd ...done.
Stopping Samba AD DC daemon: samba.
Samba is configured as AD DC, service smbd is controlled by the main samba daemon.
Stopping NetBIOS name server: nmbd.
Starting ldap server(s): slapd ...done.
Sun Apr  2 12:12:49 CEST 2017
univention-server-join: joins a server to an univention domain
copyright (c) 2001-2017 Univention GmbH, Germany

ldap_dn="cn=ucs2,cn=dc,cn=computers,dc=intranet,dc=tobiaslorentz,dc=de" 
Setting hostname
Setting ldap/hostdn
File: /etc/freeradius/modules/ldap
File: /etc/libvirt/libvirtd.conf
Multifile: /etc/ldap/slapd.conf
File: /etc/welcome.msg
Multifile: /etc/postfix/ldap.virtualwithcanonical
File: /etc/pam_ldap.conf
File: /etc/issue
Multifile: /etc/postfix/ldap.virtual
File: /etc/logrotate.d/winbind
File: /etc/dhcp/dhclient.conf
File: /etc/apache2/conf.d/ucs.conf
Multifile: /etc/postfix/ldap.canonicalrecipient
Multifile: /etc/postfix/ldap.transport
File: /etc/libnss-ldap.conf
Multifile: /etc/postfix/ldap.canonicalsender
File: /etc/postgresql/pam_ldap.conf
Multifile: /etc/postfix/ldap.virtualdomains
Multifile: /etc/postfix/ldap.distlist
Multifile: /etc/postfix/ldap.groups
Multifile: /etc/postfix/ldap.saslusermapping
Multifile: /etc/postfix/ldap.sharedfolderlocal
File: /etc/logrotate.d/univention-samba4
File: /etc/mailname
Multifile: /etc/hosts
File: /etc/cron.d/univention-directory-policy
File: /etc/pam.d/smtp
Multifile: /etc/apache2/sites-available/default-ssl
Multifile: /etc/postfix/main.cf
Multifile: /etc/postfix/ldap.sharedfolderremote
File: /etc/hostname
Multifile: /etc/samba/smb.conf
File: /var/www/ucs-overview/entries.json
File: /etc/freeradius/radiusd.conf
Multifile: /etc/pam.d/univention-management-console
ok: down: univention-directory-listener: 0s
Setting ldap/server/name
Setting ldap/server/ip
Not updating ldap/server/port
Setting ldap/master
Not updating ldap/master/port
Setting ldap/server/type
File: /etc/freeradius/modules/ldap
File: /etc/pam.d/smtp
File: /etc/freeradius/eap.conf
Multifile: /etc/postfix/ldap.virtualwithcanonical
File: /etc/pam_ldap.conf
File: /etc/krb5.conf
Multifile: /etc/postfix/ldap.transport
Multifile: /etc/postfix/ldap.canonicalrecipient
Multifile: /etc/postfix/ldap.virtual
File: /etc/libnss-ldap.conf
File: /etc/postgresql/pam_ldap.conf
Multifile: /etc/postfix/ldap.virtualdomains
Multifile: /etc/postfix/ldap.distlist
Multifile: /etc/postfix/ldap.groups
Multifile: /etc/ldap/slapd.conf
Multifile: /etc/postfix/ldap.sharedfolderlocal
File: /etc/init.d/slapd
File: /etc/freeradius/modules/mschap
File: /etc/default/ntpdate
File: /etc/nagios/nrpe.cfg
Multifile: /etc/postfix/ldap.sharedfolderremote
Multifile: /etc/postfix/ldap.saslusermapping
File: /etc/ntp.conf
Multifile: /etc/postfix/ldap.canonicalsender
File: /etc/freeradius/radiusd.conf
File: /etc/ldap/ldap.conf
Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d....
updates of cacerts keystore disabled.
done.
Could not chdir to home directory /dev/null: Not a directory
Could not chdir to home directory /dev/null: Not a directory
Restarting ldap server(s).
Stopping ldap server(s): slapd ...done.
Starting ldap server(s): slapd ...done.
Not updating ldap/server/name
Not updating ldap/master
Setting kerberos/realm
File: /var/lib/samba/private/krb5.conf
File: /etc/samba/base.conf
File: /etc/krb5.conf
Multifile: /etc/samba/smb.conf
File: /etc/heimdal-kdc/kdc.conf
Setting windows/domain
File: /etc/logrotate.d/winbind
File: /etc/krb5.conf
Multifile: /etc/samba/smb.conf
File: /etc/logrotate.d/univention-samba4
Setting dns/forwarder1
File: /etc/bind/named.conf.proxy
File: /etc/bind/named.conf.samba4
Configure 01univention-ldap-server-init.inst Sun Apr  2 12:13:50 CEST 2017
2017-04-02 12:13:50.276179691+02:00 (in joinscript_init)
Starting ldap server(s): slapd ...done.
2017-04-02 12:13:51.296046185+02:00 (in joinscript_save_current_version)
Configure 03univention-directory-listener.inst Sun Apr  2 12:13:51 CEST 2017
2017-04-02 12:13:51.323539772+02:00 (in joinscript_init)
Setting ldap/database/ldbm/dbsync
Multifile: /etc/ldap/slapd.conf
02.04.17 12:13:52.881  DEBUG_INIT
UNIVENTION_DEBUG_BEGIN  : uldap.__open host=ucs.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
UNIVENTION_DEBUG_END    : uldap.__open host=ucs.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
02.04.17 12:13:56.149  LISTENER    ( WARN    ) : handler: replication (not ready) (ignore)
Restarting ldap server(s).
Stopping ldap server(s): slapd ...done.
Starting ldap server(s): slapd ...done.
02.04.17 12:13:58.008  LISTENER    ( WARN    ) : handler: s4-connector (not ready) (ignore)
02.04.17 12:13:58.009  LISTENER    ( WARN    ) : handler: faillog (not ready) (ignore)
02.04.17 12:13:58.014  LISTENER    ( WARN    ) : Set Schema ID to 29
02.04.17 12:13:58.014  LISTENER    ( WARN    ) : initializing module replication
File: /var/lib/univention-ldap/ldap/DB_CONFIG
slapd: Kein Prozess gefunden
File: /var/lib/univention-ldap/ldap/DB_CONFIG
Starting ldap server(s): slapd ...done.
Restarting ldap server(s).
Stopping ldap server(s): slapd ...retry #1....done.
Starting ldap server(s): slapd ...done.
02.04.17 12:14:17.358  LISTENER    ( ERROR   ) : replication: Undefined attribute type; dn="uid=dns-ucs2,cn=users,dc=intranet,dc=tobiaslorentz,dc=de": Error
02.04.17 12:14:17.358  LISTENER    ( ERROR   ) : 	additional info: memberOf: attribute type undefined
02.04.17 12:14:45.614  LISTENER    ( WARN    ) : finished initializing module replication with rv=0
02.04.17 12:14:45.614  LISTENER    ( WARN    ) : initializing module libvirtd-acl
02.04.17 12:14:46.477  LISTENER    ( WARN    ) : finished initializing module libvirtd-acl with rv=0
02.04.17 12:14:46.477  LISTENER    ( WARN    ) : initializing module bind
02.04.17 12:14:46.621  LISTENER    ( WARN    ) : finished initializing module bind with rv=0
02.04.17 12:14:46.621  LISTENER    ( WARN    ) : initializing module s4-connector
02.04.17 12:14:47.273  LISTENER    ( WARN    ) : finished initializing module s4-connector with rv=0
02.04.17 12:14:47.274  LISTENER    ( WARN    ) : initializing module samba4-idmap
02.04.17 12:14:47.274  LISTENER    ( PROCESS ) : Move /var/lib/samba/private/idmap.ldb to /var/lib/samba/private/idmap.ldb_1491128087
02.04.17 12:14:47.625  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1124
02.04.17 12:14:47.638  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-17
02.04.17 12:14:47.649  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-10
02.04.17 12:14:47.658  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-501
02.04.17 12:14:47.672  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-3
02.04.17 12:14:47.685  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-8
02.04.17 12:14:47.695  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-545
02.04.17 12:14:47.705  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-502
02.04.17 12:14:47.714  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1116
02.04.17 12:14:47.724  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1120
02.04.17 12:14:47.731  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1125
02.04.17 12:14:47.741  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1159
02.04.17 12:14:47.751  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-0-0
02.04.17 12:14:47.767  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-1
02.04.17 12:14:47.781  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-18
02.04.17 12:14:47.790  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-546
02.04.17 12:14:47.799  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1114
02.04.17 12:14:47.812  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1127
02.04.17 12:14:47.824  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-4-2029
02.04.17 12:14:47.834  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1178
02.04.17 12:14:47.846  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-2
02.04.17 12:14:47.852  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-6
02.04.17 12:14:47.861  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-2105
02.04.17 12:14:47.866  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1105
02.04.17 12:14:47.884  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-1-0
02.04.17 12:14:47.895  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1101
02.04.17 12:14:47.909  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1106
02.04.17 12:14:47.921  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1107
02.04.17 12:14:47.929  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1108
02.04.17 12:14:47.937  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-568
02.04.17 12:14:47.957  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1160
02.04.17 12:14:47.969  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1164
02.04.17 12:14:47.979  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1179
02.04.17 12:14:47.991  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1109
02.04.17 12:14:48.002  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1110
02.04.17 12:14:48.014  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-12
02.04.17 12:14:48.022  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-552
02.04.17 12:14:48.031  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1165
02.04.17 12:14:48.036  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-513
02.04.17 12:14:48.053  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1000
02.04.17 12:14:48.059  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-4
02.04.17 12:14:48.066  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-4-2024
02.04.17 12:14:48.072  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-512
02.04.17 12:14:48.078  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-514
02.04.17 12:14:48.083  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-11011
02.04.17 12:14:48.088  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-500
02.04.17 12:14:48.092  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-3-4
02.04.17 12:14:48.099  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-518
02.04.17 12:14:48.104  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-4-2022
02.04.17 12:14:48.110  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1169
02.04.17 12:14:48.115  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-4-2050
02.04.17 12:14:48.120  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1111
02.04.17 12:14:48.132  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-550
02.04.17 12:14:48.137  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-3-1
02.04.17 12:14:48.141  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-3-0
02.04.17 12:14:48.147  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-19
02.04.17 12:14:48.153  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1102
02.04.17 12:14:48.158  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-4-2011
02.04.17 12:14:48.163  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1112
02.04.17 12:14:48.168  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-0
02.04.17 12:14:48.173  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-544
02.04.17 12:14:48.177  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-517
02.04.17 12:14:48.182  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-1
02.04.17 12:14:48.187  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-7
02.04.17 12:14:48.195  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-20
02.04.17 12:14:48.203  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-515
02.04.17 12:14:48.208  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-4-2018
02.04.17 12:14:48.217  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-4-2020
02.04.17 12:14:48.231  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-2102
02.04.17 12:14:48.236  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-551
02.04.17 12:14:48.241  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-519
02.04.17 12:14:48.245  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-549
02.04.17 12:14:48.250  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-15
02.04.17 12:14:48.255  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-516
02.04.17 12:14:48.263  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-573
02.04.17 12:14:48.271  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-548
02.04.17 12:14:48.276  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1158
02.04.17 12:14:48.281  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-1000
02.04.17 12:14:48.289  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-553
02.04.17 12:14:48.294  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-11
02.04.17 12:14:48.299  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-64-10
02.04.17 12:14:48.304  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-13
02.04.17 12:14:48.309  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-555
02.04.17 12:14:48.314  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-64-21
02.04.17 12:14:48.318  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-559
02.04.17 12:14:48.326  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-562
02.04.17 12:14:48.333  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1133
02.04.17 12:14:48.338  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1137
02.04.17 12:14:48.343  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1143
02.04.17 12:14:48.347  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1144
02.04.17 12:14:48.351  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-64-14
02.04.17 12:14:48.356  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-569
02.04.17 12:14:48.360  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1128
02.04.17 12:14:48.365  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1134
02.04.17 12:14:48.370  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1150
02.04.17 12:14:48.375  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-14
02.04.17 12:14:48.380  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1136
02.04.17 12:14:48.385  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-558
02.04.17 12:14:48.392  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1131
02.04.17 12:14:48.398  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1142
02.04.17 12:14:48.402  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1145
02.04.17 12:14:48.407  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1151
02.04.17 12:14:48.413  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-520
02.04.17 12:14:48.417  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1132
02.04.17 12:14:48.422  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1140
02.04.17 12:14:48.426  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-521
02.04.17 12:14:48.431  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1130
02.04.17 12:14:48.439  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1139
02.04.17 12:14:48.444  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-9
02.04.17 12:14:48.449  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1135
02.04.17 12:14:48.457  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1147
02.04.17 12:14:48.462  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1170
02.04.17 12:14:48.467  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-557
02.04.17 12:14:48.471  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1129
02.04.17 12:14:48.476  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1138
02.04.17 12:14:48.481  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1141
02.04.17 12:14:48.487  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-574
02.04.17 12:14:48.491  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-556
02.04.17 12:14:48.495  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-561
02.04.17 12:14:48.500  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1148
02.04.17 12:14:48.505  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1149
02.04.17 12:14:48.510  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1176
02.04.17 12:14:48.515  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-1180
02.04.17 12:14:48.520  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-560
02.04.17 12:14:48.528  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-32-554
02.04.17 12:14:48.536  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-572
02.04.17 12:14:48.540  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-571
02.04.17 12:14:48.545  LISTENER    ( PROCESS ) : samba4-idmap: added entry for S-1-5-21-1212620523-3129351964-3415023209-498
02.04.17 12:14:48.545  LISTENER    ( WARN    ) : finished initializing module samba4-idmap with rv=0
02.04.17 12:14:48.545  LISTENER    ( WARN    ) : initializing module keytab-member
02.04.17 12:14:48.768  LISTENER    ( WARN    ) : finished initializing module keytab-member with rv=0
02.04.17 12:14:48.768  LISTENER    ( WARN    ) : initializing module nscd_update
02.04.17 12:14:48.977  LISTENER    ( WARN    ) : finished initializing module nscd_update with rv=0
02.04.17 12:14:48.977  LISTENER    ( WARN    ) : initializing module keytab
02.04.17 12:14:49.149  LISTENER    ( WARN    ) : finished initializing module keytab with rv=0
02.04.17 12:14:49.149  LISTENER    ( WARN    ) : initializing module ldap_extension
02.04.17 12:14:50.265  LISTENER    ( WARN    ) : finished initializing module ldap_extension with rv=0
02.04.17 12:14:50.265  LISTENER    ( WARN    ) : initializing module well-known-sid-name-mapping
02.04.17 12:14:50.713  LISTENER    ( PROCESS ) : well-known-sid-name-mapping: ucr set 

#3

und hier Teil 2:

groups/default/printoperators=Printer-Admins
02.04.17 12:14:53.972  LISTENER    ( WARN    ) : finished initializing module well-known-sid-name-mapping with rv=0
02.04.17 12:14:53.972  LISTENER    ( WARN    ) : initializing module quota
UNIVENTION_DEBUG_BEGIN  : uldap.__open host=ucs2.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
Setting uvmm/managers
File: /etc/libvirt/libvirtd.conf
Multifile: /etc/ldap/slapd.conf
Setting groups/default/printoperators
File: /etc/security/access-sudo.conf
Multifile: /etc/ldap/slapd.conf
File: /etc/security/access-ftp.conf
File: /etc/security/access-kscreensaver.conf
File: /etc/security/access-passwd.conf
File: /etc/security/access-su.conf
File: /etc/security/access-chfn.conf
File: /etc/security/access-cron.conf
File: /etc/security/access-kdm.conf
File: /etc/security/access-rsh.conf
File: /etc/security/access-chsh.conf
File: /etc/security/access-kcheckpass.conf
File: /etc/security/access-kde.conf
File: /etc/security/access-ppp.conf
File: /etc/security/access-rlogin.conf
File: /etc/security/access-screen.conf
File: /etc/security/access-login.conf
File: /etc/security/access-gdm.conf
File: /etc/security/access-sshd.conf
File: /etc/security/access-other.conf
File: /etc/security/limits.conf
Traceback (most recent call last):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 213, in handler
    if _is_container_change_relevant(new, old):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 139, in _is_container_change_relevant
    lo = _get_ldap_connection()
  File "/usr/lib/univention-directory-listener/system/quota.py", line 116, in _get_ldap_connection
    connection = univention.uldap.getMachineConnection(ldap_master=False)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 89, in getMachineConnection
    return access(host=ucr['ldap/server/name'], port=port, base=ucr['ldap/base'], binddn=ucr['ldap/hostdn'], bindpw=bindpw, start_tls=start_tls, decode_ignorelist=decode_ignorelist, reconnect=reconnect)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 150, in __init__
    self.__open(ca_certfile)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 189, in __open
    self.lo.simple_bind_s(self.binddn, self.__encode_pwd(self.bindpw))
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 879, in simple_bind_s
    res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 860, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 215, in simple_bind_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 476, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 483, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ldap.INVALID_CREDENTIALS: {'desc': 'Invalid credentials'}
02.04.17 12:14:54.257  LISTENER    ( WARN    ) : handler: quota (failed)
UNIVENTION_DEBUG_BEGIN  : uldap.__open host=ucs2.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
UNIVENTION_DEBUG_END    : uldap.__open host=ucs2.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
Traceback (most recent call last):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 213, in handler
    if _is_container_change_relevant(new, old):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 139, in _is_container_change_relevant
    lo = _get_ldap_connection()
  File "/usr/lib/univention-directory-listener/system/quota.py", line 116, in _get_ldap_connection
    connection = univention.uldap.getMachineConnection(ldap_master=False)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 89, in getMachineConnection
    return access(host=ucr['ldap/server/name'], port=port, base=ucr['ldap/base'], binddn=ucr['ldap/hostdn'], bindpw=bindpw, start_tls=start_tls, decode_ignorelist=decode_ignorelist, reconnect=reconnect)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 150, in __init__
    self.__open(ca_certfile)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 189, in __open
    self.lo.simple_bind_s(self.binddn, self.__encode_pwd(self.bindpw))
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 879, in simple_bind_s
    res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 860, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 215, in simple_bind_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 476, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 483, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ldap.INVALID_CREDENTIALS: {'desc': 'Invalid credentials'}
02.04.17 12:14:54.315  LISTENER    ( WARN    ) : handler: quota (failed)
UNIVENTION_DEBUG_BEGIN  : uldap.__open host=ucs2.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
UNIVENTION_DEBUG_END    : uldap.__open host=ucs2.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
Traceback (most recent call last):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 213, in handler
    if _is_container_change_relevant(new, old):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 139, in _is_container_change_relevant
    lo = _get_ldap_connection()
  File "/usr/lib/univention-directory-listener/system/quota.py", line 116, in _get_ldap_connection
    connection = univention.uldap.getMachineConnection(ldap_master=False)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 89, in getMachineConnection
    return access(host=ucr['ldap/server/name'], port=port, base=ucr['ldap/base'], binddn=ucr['ldap/hostdn'], bindpw=bindpw, start_tls=start_tls, decode_ignorelist=decode_ignorelist, reconnect=reconnect)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 150, in __init__
    self.__open(ca_certfile)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 189, in __open
    self.lo.simple_bind_s(self.binddn, self.__encode_pwd(self.bindpw))
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 879, in simple_bind_s
    res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 860, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 215, in simple_bind_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 476, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 483, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ldap.INVALID_CREDENTIALS: {'desc': 'Invalid credentials'}
02.04.17 12:14:54.375  LISTENER    ( WARN    ) : handler: quota (failed)
UNIVENTION_DEBUG_BEGIN  : uldap.__open host=ucs2.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
UNIVENTION_DEBUG_END    : uldap.__open host=ucs2.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
Traceback (most recent call last):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 213, in handler
    if _is_container_change_relevant(new, old):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 139, in _is_container_change_relevant
    lo = _get_ldap_connection()
  File "/usr/lib/univention-directory-listener/system/quota.py", line 116, in _get_ldap_connection
    connection = univention.uldap.getMachineConnection(ldap_master=False)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 89, in getMachineConnection
    return access(host=ucr['ldap/server/name'], port=port, base=ucr['ldap/base'], binddn=ucr['ldap/hostdn'], bindpw=bindpw, start_tls=start_tls, decode_ignorelist=decode_ignorelist, reconnect=reconnect)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 150, in __init__
    self.__open(ca_certfile)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 189, in __open
    self.lo.simple_bind_s(self.binddn, self.__encode_pwd(self.bindpw))
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 879, in simple_bind_s
    res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 860, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 215, in simple_bind_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 476, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 483, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ldap.INVALID_CREDENTIALS: {'desc': 'Invalid credentials'}
02.04.17 12:14:54.431  LISTENER    ( WARN    ) : handler: quota (failed)
UNIVENTION_DEBUG_BEGIN  : uldap.__open host=ucs2.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
UNIVENTION_DEBUG_END    : uldap.__open host=ucs2.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
Traceback (most recent call last):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 213, in handler
    if _is_container_change_relevant(new, old):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 139, in _is_container_change_relevant
    lo = _get_ldap_connection()
  File "/usr/lib/univention-directory-listener/system/quota.py", line 116, in _get_ldap_connection
    connection = univention.uldap.getMachineConnection(ldap_master=False)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 89, in getMachineConnection
    return access(host=ucr['ldap/server/name'], port=port, base=ucr['ldap/base'], binddn=ucr['ldap/hostdn'], bindpw=bindpw, start_tls=start_tls, decode_ignorelist=decode_ignorelist, reconnect=reconnect)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 150, in __init__
    self.__open(ca_certfile)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 189, in __open
    self.lo.simple_bind_s(self.binddn, self.__encode_pwd(self.bindpw))
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 879, in simple_bind_s
    res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 860, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 215, in simple_bind_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 476, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 483, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ldap.INVALID_CREDENTIALS: {'desc': 'Invalid credentials'}
02.04.17 12:14:54.492  LISTENER    ( WARN    ) : handler: quota (failed)
UNIVENTION_DEBUG_BEGIN  : uldap.__open host=ucs2.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
UNIVENTION_DEBUG_END    : uldap.__open host=ucs2.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
Traceback (most recent call last):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 213, in handler
    if _is_container_change_relevant(new, old):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 139, in _is_container_change_relevant
    lo = _get_ldap_connection()
  File "/usr/lib/univention-directory-listener/system/quota.py", line 116, in _get_ldap_connection
    connection = univention.uldap.getMachineConnection(ldap_master=False)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 89, in getMachineConnection
    return access(host=ucr['ldap/server/name'], port=port, base=ucr['ldap/base'], binddn=ucr['ldap/hostdn'], bindpw=bindpw, start_tls=start_tls, decode_ignorelist=decode_ignorelist, reconnect=reconnect)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 150, in __init__
    self.__open(ca_certfile)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 189, in __open
    self.lo.simple_bind_s(self.binddn, self.__encode_pwd(self.bindpw))
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 879, in simple_bind_s
    res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 860, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 215, in simple_bind_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 476, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 483, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ldap.INVALID_CREDENTIALS: {'desc': 'Invalid credentials'}
02.04.17 12:14:54.548  LISTENER    ( WARN    ) : handler: quota (failed)
UNIVENTION_DEBUG_BEGIN  : uldap.__open host=ucs2.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
UNIVENTION_DEBUG_END    : uldap.__open host=ucs2.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
Traceback (most recent call last):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 213, in handler
    if _is_container_change_relevant(new, old):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 139, in _is_container_change_relevant
    lo = _get_ldap_connection()
  File "/usr/lib/univention-directory-listener/system/quota.py", line 116, in _get_ldap_connection
    connection = univention.uldap.getMachineConnection(ldap_master=False)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 89, in getMachineConnection
    return access(host=ucr['ldap/server/name'], port=port, base=ucr['ldap/base'], binddn=ucr['ldap/hostdn'], bindpw=bindpw, start_tls=start_tls, decode_ignorelist=decode_ignorelist, reconnect=reconnect)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 150, in __init__
    self.__open(ca_certfile)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 189, in __open
    self.lo.simple_bind_s(self.binddn, self.__encode_pwd(self.bindpw))
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 879, in simple_bind_s
    res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 860, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 215, in simple_bind_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 476, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 483, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ldap.INVALID_CREDENTIALS: {'desc': 'Invalid credentials'}
02.04.17 12:14:54.603  LISTENER    ( WARN    ) : handler: quota (failed)
UNIVENTION_DEBUG_BEGIN  : uldap.__open host=ucs2.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
UNIVENTION_DEBUG_END    : uldap.__open host=ucs2.intranet.tobiaslorentz.de port=7389 base=dc=intranet,dc=tobiaslorentz,dc=de
Traceback (most recent call last):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 213, in handler
    if _is_container_change_relevant(new, old):
  File "/usr/lib/univention-directory-listener/system/quota.py", line 139, in _is_container_change_relevant
    lo = _get_ldap_connection()
  File "/usr/lib/univention-directory-listener/system/quota.py", line 116, in _get_ldap_connection
    connection = univention.uldap.getMachineConnection(ldap_master=False)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 89, in getMachineConnection
    return access(host=ucr['ldap/server/name'], port=port, base=ucr['ldap/base'], binddn=ucr['ldap/hostdn'], bindpw=bindpw, start_tls=start_tls, decode_ignorelist=decode_ignorelist, reconnect=reconnect)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 150, in __init__
    self.__open(ca_certfile)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 189, in __open
    self.lo.simple_bind_s(self.binddn, self.__encode_pwd(self.bindpw))
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 879, in simple_bind_s
    res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 860, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 215, in simple_bind_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 476, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 483, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ldap.INVALID_CREDENTIALS: {'desc': 'Invalid credentials'}
02.04.17 12:14:54.658  LISTENER    ( WARN    ) : handler: quota (failed)
02.04.17 12:14:54.667  LISTENER    ( WARN    ) : finished initializing module quota with rv=0
02.04.17 12:14:54.667  LISTENER    ( WARN    ) : initializing module umc-service-providers
02.04.17 12:14:55.152  LISTENER    ( WARN    ) : finished initializing module umc-service-providers with rv=0
02.04.17 12:14:55.152  LISTENER    ( WARN    ) : initializing module nfs-shares
02.04.17 12:14:55.257  LISTENER    ( WARN    ) : finished initializing module nfs-shares with rv=0
02.04.17 12:14:55.257  LISTENER    ( WARN    ) : initializing module hosteddomains
02.04.17 12:14:55.484  LISTENER    ( WARN    ) : finished initializing module hosteddomains with rv=0
02.04.17 12:14:55.485  LISTENER    ( WARN    ) : initializing module faillog
02.04.17 12:14:55.640  LISTENER    ( WARN    ) : finished initializing module faillog with rv=0
02.04.17 12:14:55.641  LISTENER    ( WARN    ) : initializing module pkgdb-watch
02.04.17 12:14:56.012  LISTENER    ( WARN    ) : finished initializing module pkgdb-watch with rv=0
02.04.17 12:14:56.013  LISTENER    ( WARN    ) : initializing module ldap_server
02.04.17 12:14:57.282  LISTENER    ( WARN    ) : finished initializing module ldap_server with rv=0
02.04.17 12:14:57.282  LISTENER    ( WARN    ) : initializing module samba-shares
02.04.17 12:14:57.456  LISTENER    ( WARN    ) : finished initializing module samba-shares with rv=0
02.04.17 12:14:57.457  LISTENER    ( WARN    ) : initializing module nagios-client
02.04.17 12:14:57.643  LISTENER    ( WARN    ) : finished initializing module nagios-client with rv=0
02.04.17 12:14:57.643  LISTENER    ( WARN    ) : initializing module uvmmd-ldap
02.04.17 12:14:57.889  LISTENER    ( WARN    ) : finished initializing module uvmmd-ldap with rv=0
02.04.17 12:14:57.890  LISTENER    ( WARN    ) : initializing module license_uuid
Konnte Socket "/var/run/uvmm.socket" nicht öffnen: 2
Konnte Socket "/var/run/uvmm.socket" nicht öffnen: 2
Konnte Socket "/var/run/uvmm.socket" nicht öffnen: 2
Konnte Socket "/var/run/uvmm.socket" nicht öffnen: 2
Konnte Socket "/var/run/uvmm.socket" nicht öffnen: 2
Konnte Socket "/var/run/uvmm.socket" nicht öffnen: 2
Konnte Socket "/var/run/uvmm.socket" nicht öffnen: 2
Konnte Socket "/var/run/uvmm.socket" nicht öffnen: 2
Konnte Socket "/var/run/uvmm.socket" nicht öffnen: 2
Konnte Socket "/var/run/uvmm.socket" nicht öffnen: 2
Konnte Socket "/var/run/uvmm.socket" nicht öffnen: 2
02.04.17 12:14:58.856  LISTENER    ( WARN    ) : finished initializing module license_uuid with rv=0
02.04.17 12:14:58.857  LISTENER    ( WARN    ) : initializing module uvmmd-nodes
Konnte Socket "/var/run/uvmm.socket" nicht öffnen: 2
02.04.17 12:14:59.242  LISTENER    ( WARN    ) : finished initializing module uvmmd-nodes with rv=0
02.04.17 12:14:59.242  LISTENER    ( WARN    ) : initializing module univention-saml-servers
02.04.17 12:14:59.671  LISTENER    ( WARN    ) : finished initializing module univention-saml-servers with rv=0
02.04.17 12:14:59.671  LISTENER    ( WARN    ) : initializing module nfs-homes
02.04.17 12:14:59.790  LISTENER    ( WARN    ) : finished initializing module nfs-homes with rv=0
02.04.17 12:14:59.790  LISTENER    ( WARN    ) : initializing module nss
02.04.17 12:14:59.995  LISTENER    ( WARN    ) : finished initializing module nss with rv=0
02.04.17 12:14:59.995  LISTENER    ( WARN    ) : initializing module udm_extension
02.04.17 12:15:02.649  LISTENER    ( WARN    ) : finished initializing module udm_extension with rv=0
02.04.17 12:15:02.649  LISTENER    ( WARN    ) : initializing module gencertificate
02.04.17 12:15:04.041  LISTENER    ( WARN    ) : finished initializing module gencertificate with rv=0
Restarting UCS libvirt daemon: libvirtdok: run: univention-libvirt: (pid 23544) 0s, normally down
.
02.04.17 12:15:09.356  LISTENER    ( WARN    ) : DNS: 23236="" exited with 1
02.04.17 12:15:09.356  LISTENER    ( WARN    ) : DNS: 23237="" exited with 1
02.04.17 12:15:09.356  LISTENER    ( WARN    ) : DNS: 23238="" exited with 1
02.04.17 12:15:09.356  LISTENER    ( WARN    ) : DNS: 23239="" exited with 1
02.04.17 12:15:09.356  LISTENER    ( WARN    ) : DNS: 23240="" exited with 1
02.04.17 12:15:09.356  LISTENER    ( WARN    ) : DNS: 23241="" exited with 1
02.04.17 12:15:09.356  LISTENER    ( WARN    ) : DNS: 23242="" exited with 1
02.04.17 12:15:09.356  LISTENER    ( WARN    ) : DNS: 23243="" exited with 1
02.04.17 12:15:09.356  LISTENER    ( WARN    ) : DNS: 23244="" exited with 1
02.04.17 12:15:09.356  LISTENER    ( WARN    ) : DNS: 23245="" exited with 1
02.04.17 12:15:09.356  LISTENER    ( WARN    ) : DNS: 23246="" exited with 1
rndc: 'reload' failed: bad zone
rndc: 'reload' failed: bad zone
zone refresh queued
zone refresh queued
zone refresh queued
rndc: 'reload' failed: bad zone
02.04.17 12:15:10.357  LISTENER    ( WARN    ) : DNS: 23555="rndc -p 55555 reload 0.168.192.in-addr.arpa" exited with 1
02.04.17 12:15:10.357  LISTENER    ( WARN    ) : DNS: 23557="rndc -p 55555 reload intranet.tobiaslorentz.de" exited with 1
02.04.17 12:15:10.358  LISTENER    ( WARN    ) : DNS: 23561="rndc -p 55555 reload 64.168.192.in-addr.arpa" exited with 1
23070
02.04.17 12:15:10.406  LISTENER    ( PROCESS ) : ldap_extension: Reloading LDAP server.
Initiating graceful reload of ldap server(s).
Sending HUP to ldap server(s): slapd ...retry #1....retry #2....done.
Starting ldap server(s): slapd ...done.
Found failed.ldif. Importing ...failed.
Please check /var/log/univention/listener.log.
23675
Initiating graceful reload of ldap server(s).
Sending HUP to ldap server(s): slapd ...done.
Starting ldap server(s): slapd ...done.
Found failed.ldif. Importing ...failed.
Please check /var/log/univention/listener.log.
Reloading /etc/samba/smb.conf: smbdstart-stop-daemon: warning: failed to kill 4985: No such process
.
Stopping nagios-nrpe: nagios-nrpe.
Starting nagios-nrpe: nagios-nrpe.
Traceback (most recent call last):
  File "/usr/lib/univention-pam/ldap-group-to-file.py", line 109, in <module>
    lo = univention.uldap.getMachineConnection( ldap_master=False )
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 89, in getMachineConnection
    return access(host=ucr['ldap/server/name'], port=port, base=ucr['ldap/base'], binddn=ucr['ldap/hostdn'], bindpw=bindpw, start_tls=start_tls, decode_ignorelist=decode_ignorelist, reconnect=reconnect)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 150, in __init__
    self.__open(ca_certfile)
  File "/usr/lib/pymodules/python2.7/univention/uldap.py", line 189, in __open
    self.lo.simple_bind_s(self.binddn, self.__encode_pwd(self.bindpw))
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 879, in simple_bind_s
    res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 860, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 215, in simple_bind_s
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 476, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 483, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call
    result = func(*args,**kwargs)
ldap.INVALID_CREDENTIALS: {'desc': 'Invalid credentials'}
Setting umc/saml/trusted/sp/ucs.intranet.tobiaslorentz.de
File: /etc/ldap/sasl2/slapd.conf
Setting pkgdb/scan
File: /etc/apt/apt.conf.d/61invoke
Setting ldap/master
Setting kerberos/adminserver
File: /etc/ntp.conf
File: /etc/krb5.conf
Multifile: /etc/ldap/slapd.conf
File: /etc/default/ntpdate
File: /etc/nagios/nrpe.cfg
Setting license/base
Setting uuid/license
File: /etc/apt/apt.conf.d/55user_agent
Setting ucs/server/saml-idp-server/ucs.intranet.tobiaslorentz.de
Setting ldap/database/ldbm/dbsync
Multifile: /etc/ldap/slapd.conf
Restarting ldap server(s).
Stopping ldap server(s): slapd ...done.
Starting ldap server(s): slapd ...done.
Found failed.ldif. Importing ...failed.
Please check /var/log/univention/listener.log.
Starting univention-directory-listener daemon.
done.
2017-04-02 12:15:47.098960840+02:00 (in joinscript_save_current_version)
Sun Apr  2 12:15:47 CEST 2017: finish /usr/sbin/univention-join

#4

Hallo Tobias,
der Fehler liegt höchstwahrscheinlich hier:

02.04.17 12:14:17.358 LISTENER ( ERROR ) : replication: Undefined attribute type; dn=“uid=dns-ucs2,cn=users,dc=intranet,dc=tobiaslorentz,dc=de”: Error
02.04.17 12:14:17.358 LISTENER ( ERROR ) : additional info: memberOf: attribute type undefined

Und die Lösung dazu gibt es hier:
http://sdb.univention.de/content/14/270/en/memberof-attribute-group-memberships-of-user-and-computer-objects.html


#5

Hi ollikaa,

vielen Dank für deine Antwort. Es hat funktioniert!
Direkt bei der Installation lief das Importieren des failed.ldif zwar noch schief, ich hab dann aber auf dem Master den Slave nochmal entfernt und danach lief das joinen problemlos.

Ich erinnere mich dass bei der Installation der Next-Cloud App ein Hinweis kam, dass diese Erweiterung installiert wird. War mir aber nicht bewusst, dass ich die händisch auch auf den Slave installieren muss.

Nochmals vielen Dank für deine Hilfe!