Wiederherstellen des Administrator-Account

german

#1

Der Administrator-Account kann durch das Kommandozeilen-Programm univention-admin wiederhergestellt werden, wenn dieser gelöscht wurde.

Führen Sie dazu in der Kommandozeile des Domaincontroller-Master die folgenden beiden Kommandos aus.

eval `univention-baseconfig shell ldap/base`
univention-admin users/user create --position cn=users,$ldap_base --set \
  username=Administrator --set lastname=Administrator --set password=univention \
  --set groups="cn=Domain Admins,cn=groups,$ldap_base" --policy-reference \
  cn=default-admins,cn=admin-settings,cn=users,cn=policies,$ldap_base

Kein Administratorkonto nach Installation
#2

Hi
I try but does’t work


#3
root@email:~# univention-admin users/user create --position cn=users,$ldap_base                                  --set
option --set requires argument
root@email:~# username=management --set lastname=Administrator --set password=un                                 ivention
-bash: --set: command not found
root@email:~# --set groups="cn=Domain Admins,cn=groups,$ldap_base" --policy-refe                                 rence
-bash: --set: command not found
root@email:~# cn=default-admins,cn=admin-settings,cn=users,cn=policies,$ldap_base                                

#4

Those four lines were supposed to be typed as a single line. I’ve fixed the formatting to reflect this and make copying & pasting easier.


#5

I try agian


root@cloud:~# univention-admin users/user create --position cn=users,$ldap_base --set username=management --set lastname=Administrator --set password=univention --set groups="cn=Domain Admins,cn=groups,$ldap_base" --policy-reference cn=default-admins,cn=admin-settings,cn=users,cn=policies,$ldap_base
Traceback (most recent call last):
  File "/usr/share/univention-directory-manager-tools/univention-cli-server", line 218, in doit
    output = univention.admincli.admin.doit(arglist)
  File "/usr/lib/pymodules/python2.7/univention/admincli/admin.py", line 398, in doit
    out = _doit(arglist)
  File "/usr/lib/pymodules/python2.7/univention/admincli/admin.py", line 590, in _doit
    position.setDn(position_dn)
  File "/usr/lib/pymodules/python2.7/univention/admin/uldap.py", line 276, in setDn
    dn = ldap.dn.str2dn(dn)
  File "/usr/lib/python2.7/dist-packages/ldap/dn.py", line 53, in str2dn
    return ldap.functions._ldap_function_call(None,_ldap.str2dn,dn,flags)
  File "/usr/lib/python2.7/dist-packages/ldap/functions.py", line 66, in _ldap_function_call
    result = func(*args,**kwargs)
DECODING_ERROR
root@cloud:~#

#6

Well… that command you’ve posted works fine for me, and I’ve never seen a DECODING_ERROR when using udm/univention-admin. I cannot help you with that, I’m afraid.


#7

Can you post you sucess commmand for me?
I try two diffrent server but I got sam error with “DECODING_ERROR”


#8

I copied & pasted the same command you already posted. No need for me to post it again.


#9

Do you have other command for creat user with administrator group?


#10

No, I don’t.

(post must be at least 20 characters…)


#11

I have more question
Can I modify Administrator user to use Root’s password again? becasue administrator user was link to active directory before and I removed adconnector but I still can’t login Administrator with Root password
Can you help me?


#12

Sure, you can use udm (or univention-admin; both are the same tool) for that, too. The basic syntax is udm users/user modify --dn … --set password=NewPassword, but I wouldn’t be surprised if you run into the same DECODING_ERROR that you’ve already run into as your system seems to have some kind of fundamental issue.


#13

Hi,
there is a “user decoding mismatch”.

The first post shows TWO commands to be run! Otherwise you will get your decoding error.

So type:

eval `univention-baseconfig shell ldap/base`

followed by:

univention-admin users/user create --position cn=users,$ldap_base --set username=management --set lastname=Administrator --set password=univention --set groups="cn=Domain Admins,cn=groups,$ldap_base" --policy-reference cn=default-admins,cn=admin-settings,cn=users,cn=policies,$ldap_base

And you will have your Administrator back.

As long as you do not set the variables used in the second command (ie $ldap_base) you will have your error. The first command will set these varaibles.

/CV


#14

Thank you so much Now My administrator is back


#15

Hi
I need more help with User management Now I can login as Administrator and I remove adconnector my purpose is I want to take over user form AD to univention user I try to edit user but can’t do that

Attention: The user "file.sod" is part of the Active Directory domain. UCS can only change certain attributes.

Is there any way to take over user?
Thank you


#16

Sorry, this has nothing to do with the 12 year old thread you re-opened recently.

Please create a new thread for this topic.

It is not helpful to mix different topics into a single thread.

/CV