I am using UCS scince one year and I am very happy with it. Because of my old Hardeware I decided to build a new Computer to be ready for the future.
Hardware:
Motherboard = ASRock J3455-ITX
1x SSD = 64GB Transcend SSD340K
2x Hard drive = WD Red 8 TB
Because the Motherboard could only handle Grub < Version 2 I used UCS Version 4.1-0 for the Installation.
I choose for both WD Red 8 TB Raid 1. There was no Problem with the Installation.
Everything with the updates worked fine as well until I installed UCS Version 4.2-1. After the Update it is not possible anymore to log in on the webinterface. It is still possible to add the Name (“Administrator”) and Password. After using the log in Botton it starts to log in but the webinterface never pops up.
The console is still working.
1.I tried to install UCS again
2.I checked with dpgk --audit if there are Problems listed (no Problems)
3.I updated with dpgk --conifgure -a if there is a mistake (no Problems)
4.I updated UCS to Version 4.2-3 on the console to find out if the update is solving the Problem (Problem not solved)
5. I did univention-ldapsearch and checked after it the /var/log/univention/management-console-*.log.
there are a couple Errors in the logfile listed. See attached Pictures.
Hope someone has an idea what I can try, to get the webinterface working with UCS Version > 4.2-1
did you modify the configuration of the Apache web server somehow?
What’s the output of univention-check-templates?
Kind regards,
mosu
PS: Screenshots are nice in some situations, but not for pasting log files. It would have been better for us if you had simply pasted their content as text — easier to read, to search etc. For the future.
thank you very much for your response. I appreciate it.
I would like to provide you in the future the logs as text file.
My Linux skills are not the best at the Moment because I took Pictures the first time.
Is there a possibility to get the log files on an usb Stick so that I can provide it in the future.
Maybe you can give me a console code for that.
So back to your question.
If I use the command “univention-check-templates” as root, there is no Output on the console.
I tried “sudo univention-check-templates” as well but there is the same.
I learned this morning how to mount a usb stick to provide the logs as text files in the future.
So I thought, that I should provide you the logs again to make it easier for you. But now I have only information included in
management-console-server.log
management-console-web-Server.log
All the other log files are empty now.
I use two Browsers at the Moment. IE11 Update Version 11.0.50 and Firefox 58.0.2.
Firefox on a WIN 10, WIN 7 and Linux Mint. IE only on the WIN 10 and WIN 7 Computer.
I cleared all 5 Browsers and did a new Installation of Firefox on the WIN 10 Computer.
Unfortunatly nothing changed. It is still not possible to log in to the web Interface.
But there is maybe something interessting for you I recognized today.
Before I did the update to UCS 4.2-1 it was possible to use the https://ucs-2018a… address to come to the log in area.
Now it is only possible with the IP Address.
I gather that you’re posting to this forum from a different computer than your UCS server. In general you don’t need to use USB thumbdrives or other external means for copying stuff to other computers. Instead you should probably just copy the files we ask for via ssh. There are a plethora of Free/Open Source software that you can use, e.g. WinSCP (Windows only), FileZilla (Windows/Linux/macOS) or scp (part of the OpenSSH project, command-line only). Start the program, log into the server with user root and the corresponding password, copy the file to your desktop, post it.
Similarly if we ask you to post the output of some command, you can just start an ssh client such as Putty (Windows only) or ssh (command-line only, all platforms), log in to the server as root, execute the command & then copy the output directly from the ssh program.
Back to your problem. Have you tried using the full server name including its domain name? E.g. in my test domain my server is called master, and the domain is mbu-test.intranet, so the full URL would be https://master.mbu-test.intranet/. Please give that full URL a try (replacing master.mbu-test.intranet with appropriate values for your server & domain).
Next please try the old login method which doesn’t use SAML. Try the following URL for logging in: https://master.mbu-test.intranet/univention/login/ (again replacing master.mbu-test.intranet with your server’s fully-qualified domain name).
thank you very much for your tips. I appreciate it. I choose Filezilla. It is so much easier to get access to the files. I am learning so much from you guys.
Back to my problem.
I tried https://ucs-2018a.baer.internal/ and https://ucs-2018a.baer.internal/univention/login/ in the past and today again with clearing the browser cache before.
But only with the ip it is possible to come to the login area at the moment. But I know, that before the update to 4.2-1 was done the URL`s above worked fine because I was a couple times on the webinterface to do the updates and I did not use the ip to access the webinterface.
Today I found out, that if I wait maybe 10-15 minutes after I did the login (with ip) the server is calling back failure 502.
Hope this can help to come closer to my problem.
Thank`s to everybody who is helping me in this case.
Just to make sure I understand you correctly. When you use the host name to connect, e.g. https://ucs-2018a.baer.internal/, then you do see the Univention interface, and you do get the login screen, but after entering your credentials you only get a blank screen?
Next: please verify that the server’s date & time settings are correct. Log in via ssh as root and execute date in order to see what the server’s current date & time is.
Afterwards please run the following two commands and paste its output:
When I use the host Name to connect (in my case https://ucs-2018a.baer.internal/) I do not see the Univention interface.
My Browser is letting me know that the site is not reachable.
Only if I use the ip it is possible to put in the credentials. But after this I see only the UCS logo until the failure 502 is popping up after 10 - 15 min. I also can provide you screenshot if it helps.
Attached the Outputs:
root@ucs-2018a:~# date
Di 13. Feb 19:09:44 CET 2018
may I assume your client is a Windows machine?
What happens when you open the command line and do a “ping ucs-2018a.baer.internal”?
Could you post the output of the above command and additionally of “ipconfig /all” on the client (not on the UCSsystem)?
The host name is resolved to an external IP address when queried outside of your server. It is resolved correctly when queried on your server. The server’s host name must always resolve to its internal address.
You’ll have to figure out why the DNS server that your desktop(s) use returns an external IP address.
If you need to have your server available from outside the intranet, then you should rather add a totally independent DNS record for that and not try to re-use the server’s name.
I tried yesterday night and today a couple things to find the dns problem. But I have no clue where it comes from.
When I set on my Computer the dns Server 192.168.178.32 in the lan settings it is possible to connect
with https://ucs-2018a.baer.internal to the login area. Unfortunatly the login to the univention Interface is still not possible.
Like I said at the beginning of this topic I have a further UCS Master 4.2-2 (very old hardware) running in a seperate Network.
To find the DNS Problem I tried
I disconnected the old UCS Master to test my new UCS Master in this Network. I had the same issues like in the test Network.
I putted the old UCS Master in my test Network where I had my new UCS Master running. The old UCS Master is working fine in the test Network.
I used a Fritz Box 4040 (wihtout DSL / factory reset) to created a third Network. Old one is working fine and the new one is not.
Lets go back to the beginning of this topic. All the issues started with the update from 4.2-0 to 4.2-1.
Before running the update everything worked fine with the new UCS Master.
Because of this and the tests I did I am thinking the issues are coming from the new UCS Master at the moment.
What do you think? is that possible or I am on the wrong way?
Is there maybe something I can compare between the old UCS Master and the new one?
Could there be a dns server problem on the new UCS Master?
As you posted, this is the DNS server your client queries. I assume this is the Fritz-Box! And I assume Fritz! has no clue about the DNS server of the master.
Make sure your DHCP-Server (I assume active on Fritz! for third network) gives the IP of your master, not of the Fritz!Box.
as knebb has said: you should make sure all clients use the UCS DC Master as the DNS server, not your FritzBox.
I’m a bit confused about your multiple UCS DC Master servers. Are those set up with the same domain name? What are the DNS settings on the new DC Master (post the output of ucr search --brief nameserver)?
In my Network with my old UCS Master (ucs-2014.baer.internal) I did a dns route for baer.internal to (ucs-2014.baer.internal). Because of it the dns worked fine with my old UCS Master.
When I did the last test with using my new UCS Master (ucs-2018a.baer.internal) in this network, I forgot to change the dns route to (ucs-2018a.baer.internal). So I tried it again with the correct dns route and the pings are good now.
Here the current ping outputs (ucs-2018a = 192.168.100.3)
ping ucs-2018a.baer.internal
Ping wird ausgeführt für ucs-2018a.baer.internal [192.168.100.3] mit 32 Bytes Daten:
Antwort von 192.168.100.3: Bytes=32 Zeit<1ms TTL=64
Antwort von 192.168.100.3: Bytes=32 Zeit<1ms TTL=64
Antwort von 192.168.100.3: Bytes=32 Zeit<1ms TTL=64
Antwort von 192.168.100.3: Bytes=32 Zeit<1ms TTL=64
Ping-Statistik für 192.168.100.3:
Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms
root@ucs-2018a:~# host ucs-2018a.baer.internal
ucs-2018a.baer.internal has address 192.168.100.3
What I learned:
Never use a Fritz Box if you do a test Network, also if you consider in the dns settings your Server IP. It is not working like it should.
If you have a dns route you have to change it before you use a different server.
It is possible now to reach the server with https://ucs-2018a.baer.internal/ in the browser.
Unfortunatly I have still the problem with the login to the univention web interface.
After I did the login with my credentials there is still popping up after 10-15 min the “failure 502”.
Hope you have a further idea why it is not possible to reach the univention web interface.
I’m confused. Ealier in a post you showed the output of ip a, and that shows your server ucs-2018a having the IP address 192.168.178.32. Now you’re stating it has the address 192.168.100.3?
There’s a reason I’m going on and on about DNS and IP addresses. Without a working and consistent DNS system a lot of services will fail subtly.
bare with me. I am not an IT expert. please explain in more details why it is so important to have the same IP address the hole time.
I always thought that you could change IP addresses as you go along.
When I started this process to replace my old UCS Master (ucs2014.baer.internal = 192.168.100.0/24) with the new UCS Master (ucs-2018a.baer.internal) I assumed the IP Address for the initial installation is not important.
I thought you can change it at any time.
When I found out, that my test Network (192.168.178.0/24 with fritz box) is not working, but the existing Network (192.168.100.0/24) is working fine because of the dns route for “baer.internal” I did the change to the new IP range, which I would have done anyway as soon as I have the new UCS Master running.
If you don´t mind please go into more details.
Would it help if I sent you a network map of the test network (192.168.178.0/24) I used initily and my existing Network (192.168.100.0/24) where the new UCS Master should work in the future?
Hi together,