Univention-join und unassigned domain

german

#1

Hallo,

ich habe den UCS 4.1 frisch installiert und den DHCP eingerichtet, der verteilt auch fleißig Adressen.

Aber ein zweiter (ebenfalls frisch installierter) UCS will nicht joinen:

root@ucs-3218:~# univention-join -verbose -dcaccount Administrator
univention-join: joins a computer to an ucs domain
copyright © 2001-2015 Univention GmbH, Germany

Enter DC Master Password:

Search DC Master:


  • Join failed! *
  • Contact your system administrator *

  • Message: missing dns service record for _domaincontroller_master._tcp.unassigned-domain

root@ucs-3218:~#

root@ucs-3218:~# cat /etc/resolv.conf
domain vorlon.ucs
search vorlon.ucs
options timeout:2
nameserver 192.168.0.250
root@ucs-3218:~#

Wed Nov 18 11:34:45 CET 2015: starting /usr/sbin/univention-join -verbose -dcaccount Administrator

  • ‘[’ -n 2 ‘]’
  • old_listener_debug_level=2
  • ucr set listener/debug/level=4
    Setting listener/debug/level
  • listener_debug_level=4
  • display_header
  • echo ‘univention-join: joins a computer to an ucs domain’
  • echo ‘copyright © 2001-2015 Univention GmbH, Germany’
  • echo ‘’
  • ‘[’ basesystem = domaincontroller_master ‘]’
  • ‘[’ -z Administrator ‘]’
  • ‘[’ ‘!’ -f /tmp/tmp.aBXBnV0RcG/dcpwd ‘]’
  • echo -n 'Enter DC Master Password: ’
  • read -s password
  • echo -n blabla
  • echo ‘’
  • echo ‘’
  • ‘[’ -n ‘’ ‘]’
  • ‘[’ basesystem = fatclient ‘]’
  • ‘[’ -z basesystem ‘]’
  • ‘[’ -z ‘’ ‘]’
  • echo -n 'Search DC Master: ’
    ++ sed -ne ‘$s/.* ([^ ]+).$/\1/p’
    ++ host -t SRV _domaincontroller_master._tcp.unassigned-domain
  • DCNAME=
  • ‘[’ -n ‘’ ‘]’
  • for i in ‘"$nameserver"’ ‘"$nameserver1"’ ‘"$nameserver2"’ ‘"$nameserver3"’ ‘"$dns_forwarder1"’ ‘"$dns_forwarder2"’ ‘"$dns_forwarder3"’
  • ‘[’ -z ‘’ ‘]’
  • continue
  • for i in ‘"$nameserver"’ ‘"$nameserver1"’ ‘"$nameserver2"’ ‘"$nameserver3"’ ‘"$dns_forwarder1"’ ‘"$dns_forwarder2"’ ‘"$dns_forwarder3"’
  • ‘[’ -z 192.168.0.250 ‘]’
    ++ sed -ne ‘$s/.* ([^ ]+).$/\1/p’
    ++ host -t SRV _domaincontroller_master._tcp.unassigned-domain 192.168.0.250
  • DCNAME=
  • ‘[’ -n ‘’ ‘]’
  • for i in ‘"$nameserver"’ ‘"$nameserver1"’ ‘"$nameserver2"’ ‘"$nameserver3"’ ‘"$dns_forwarder1"’ ‘"$dns_forwarder2"’ ‘"$dns_forwarder3"’
  • ‘[’ -z ‘’ ‘]’
  • continue
  • for i in ‘"$nameserver"’ ‘"$nameserver1"’ ‘"$nameserver2"’ ‘"$nameserver3"’ ‘"$dns_forwarder1"’ ‘"$dns_forwarder2"’ ‘"$dns_forwarder3"’
  • ‘[’ -z ‘’ ‘]’
  • continue
  • for i in ‘"$nameserver"’ ‘"$nameserver1"’ ‘"$nameserver2"’ ‘"$nameserver3"’ ‘"$dns_forwarder1"’ ‘"$dns_forwarder2"’ ‘"$dns_forwarder3"’
  • ‘[’ -z ‘’ ‘]’
  • continue
  • for i in ‘"$nameserver"’ ‘"$nameserver1"’ ‘"$nameserver2"’ ‘"$nameserver3"’ ‘"$dns_forwarder1"’ ‘"$dns_forwarder2"’ ‘"$dns_forwarder3"’
  • ‘[’ -z ‘’ ‘]’
  • continue
  • for i in ‘"$nameserver"’ ‘"$nameserver1"’ ‘"$nameserver2"’ ‘"$nameserver3"’ ‘"$dns_forwarder1"’ ‘"$dns_forwarder2"’ ‘"$dns_forwarder3"’
  • ‘[’ -z ‘’ ‘]’
  • continue
  • ‘[’ -z ‘’ ‘]’
  • failed_message ‘missing dns service record for _domaincontroller_master._tcp.unassigned-domain’
  • echo ‘’
  • echo ‘’
  • echo ‘**************************************************************************’
  • echo ‘* Join failed! *’
  • echo ‘* Contact your system administrator *’
  • echo ‘**************************************************************************’
  • echo ‘* Message: missing dns service record for _domaincontroller_master._tcp.unassigned-domain’
  • echo ‘**************************************************************************’
  • exit 1
  • trapOnExit
  • rm -rf /tmp/tmp.aBXBnV0RcG
    :

Da stehe ich etwas auf dem Schlauch. Liegt es an “unassigned domain?” Wo kommt die her ?

Ansonsten sieht das nicht so schlecht aus:

root@ucs-3218:~# host -t SRV _domaincontroller_master._tcp
_domaincontroller_master._tcp.vorlon.ucs has SRV record 0 0 0 saturn.vorlon.ucs.
root@ucs-3218:~#

root@ucs-3218:~# dig saturn.vorlon.ucs

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> saturn.vorlon.ucs
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20021
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; QUESTION SECTION:
;saturn.vorlon.ucs. IN A

;; ANSWER SECTION:
saturn.vorlon.ucs. 900 IN A 192.168.0.250

;; AUTHORITY SECTION:
vorlon.ucs. 900 IN NS saturn.vorlon.ucs.

;; ADDITIONAL SECTION:
saturn.vorlon.ucs. 900 IN AAAA xxx
saturn.vorlon.ucs. 900 IN AAAA xxx

;; Query time: 9 msec
;; SERVER: 192.168.0.250#53(192.168.0.250)
;; WHEN: Wed Nov 18 11:38:35 2015
;; MSG SIZE rcvd: 121

Grüße
Robert M. Albrecht


#2

Moin,

tragen Sie beim zu joinenden Server bitte unbedingt als primären DNS-Server die Adresse des DC Master ein. Weiterhin scheinen Sie bei der Installation des zweiten UCS keinen Domänennamen vergeben zu haben. Das funktioniert so nicht, Sie müssen dort denselben Domänennamen vergeben, wie beim DC Master.

Sie können versuchen, den Domänennamen manuell neu zu setzen (sicherheitshalber auch den DNS-Server gleich mit) und dann erneut einen Join zu versuchen:

ucr set domainname="meine-domain-wie-beim.ucs-dc-master" nameserver1="ip.meines.dc.master"

Hilft das nicht, einfach kurz neu installieren und dort den Hostnamen und Domänennamen richtig vergeben.