Wiederherstellen des Administrator-Account

Der Administrator-Account kann durch das Kommandozeilen-Programm univention-admin wiederhergestellt werden, wenn dieser gelöscht wurde.

Führen Sie dazu in der Kommandozeile des Domaincontroller-Master die folgenden beiden Kommandos aus.

eval `univention-baseconfig shell ldap/base`
univention-admin users/user create --position cn=users,$ldap_base --set \
  username=Administrator --set lastname=Administrator --set password=univention \
  --set groups="cn=Domain Admins,cn=groups,$ldap_base" --policy-reference \
  cn=default-admins,cn=admin-settings,cn=users,cn=policies,$ldap_base

Hi
I try but does’t work

root@email:~# univention-admin users/user create --position cn=users,$ldap_base                                  --set
option --set requires argument
root@email:~# username=management --set lastname=Administrator --set password=un                                 ivention
-bash: --set: command not found
root@email:~# --set groups="cn=Domain Admins,cn=groups,$ldap_base" --policy-refe                                 rence
-bash: --set: command not found
root@email:~# cn=default-admins,cn=admin-settings,cn=users,cn=policies,$ldap_base                                

Those four lines were supposed to be typed as a single line. I’ve fixed the formatting to reflect this and make copying & pasting easier.

I try agian


root@cloud:~# univention-admin users/user create --position cn=users,$ldap_base --set username=management --set lastname=Administrator --set password=univention --set groups="cn=Domain Admins,cn=groups,$ldap_base" --policy-reference cn=default-admins,cn=admin-settings,cn=users,cn=policies,$ldap_base
Traceback (most recent call last):
  File "/usr/share/univention-directory-manager-tools/univention-cli-server", line 218, in doit
    output = univention.admincli.admin.doit(arglist)
  File "/usr/lib/pymodules/python2.7/univention/admincli/admin.py", line 398, in doit
    out = _doit(arglist)
  File "/usr/lib/pymodules/python2.7/univention/admincli/admin.py", line 590, in _doit
    position.setDn(position_dn)
  File "/usr/lib/pymodules/python2.7/univention/admin/uldap.py", line 276, in setDn
    dn = ldap.dn.str2dn(dn)
  File "/usr/lib/python2.7/dist-packages/ldap/dn.py", line 53, in str2dn
    return ldap.functions._ldap_function_call(None,_ldap.str2dn,dn,flags)
  File "/usr/lib/python2.7/dist-packages/ldap/functions.py", line 66, in _ldap_function_call
    result = func(*args,**kwargs)
DECODING_ERROR
root@cloud:~#

Well… that command you’ve posted works fine for me, and I’ve never seen a DECODING_ERROR when using udm/univention-admin. I cannot help you with that, I’m afraid.

Can you post you sucess commmand for me?
I try two diffrent server but I got sam error with “DECODING_ERROR”

I copied & pasted the same command you already posted. No need for me to post it again.

Do you have other command for creat user with administrator group?

No, I don’t.

(post must be at least 20 characters…)

I have more question
Can I modify Administrator user to use Root’s password again? becasue administrator user was link to active directory before and I removed adconnector but I still can’t login Administrator with Root password
Can you help me?

Sure, you can use udm (or univention-admin; both are the same tool) for that, too. The basic syntax is udm users/user modify --dn … --set password=NewPassword, but I wouldn’t be surprised if you run into the same DECODING_ERROR that you’ve already run into as your system seems to have some kind of fundamental issue.

Hi,
there is a “user decoding mismatch”.

The first post shows TWO commands to be run! Otherwise you will get your decoding error.

So type:

eval `univention-baseconfig shell ldap/base`

followed by:

univention-admin users/user create --position cn=users,$ldap_base --set username=management --set lastname=Administrator --set password=univention --set groups="cn=Domain Admins,cn=groups,$ldap_base" --policy-reference cn=default-admins,cn=admin-settings,cn=users,cn=policies,$ldap_base

And you will have your Administrator back.

As long as you do not set the variables used in the second command (ie $ldap_base) you will have your error. The first command will set these varaibles.

/CV

1 Like

Thank you so much Now My administrator is back

Hi
I need more help with User management Now I can login as Administrator and I remove adconnector my purpose is I want to take over user form AD to univention user I try to edit user but can’t do that

Attention: The user "file.sod" is part of the Active Directory domain. UCS can only change certain attributes.

Is there any way to take over user?
Thank you

Sorry, this has nothing to do with the 12 year old thread you re-opened recently.

Please create a new thread for this topic.

It is not helpful to mix different topics into a single thread.

/CV

Mastodon