Oct 2021
11 / 11
Nov 2021
Nov 2021
mikey
Oct '21
1

Hello all forum members,
I recently installed, so I could try epl version’ UCS with egroupware. After installation I installed connector with my AD and upgraded the system. After that I wanted to upgrade egroupware but failed.
Install scripts removed egw from my system so the only solution was to install it once again.
After that I am not able to log in to egw instance with any other user than domain admin who logged into UCS :frowning:
I would be gratefull for any help :slight_smile:

  • created

    Oct '21

  • last reply

    Nov '21
  • 10

    replies

  • 2.1k

    views

  • 2

    users

  • 1

    like

  • 2

    links

  • 6
StefanUEGroupware GmbH
Oct '21

Hi .

You mean?:

Why do you (must) upgrade EGroupware after a new EGroupware installation?

Of course, that should not happen.

Please take a view in
/var/log/univention/appcenter.log

Did you use UCS5 or UCS4?

Stefan

mikey
Oct '21
1
  1. Yes - Active Directory Connection - Univention App Center
  2. Because it showed me there is an update :wink:
  3. I upgraded UCS 4 to UCS 5
  4. Do I look for sth specific?
    Regards,
    Mike

I wanted to upload log but I am not entitled to as a new user :frowning:

StefanUEGroupware GmbH
Oct '21

I generally don’t think it’s a good idea to do an app update together with a UCS upgrade. In case of problems, it is difficult to say what was the cause and what was the effect.

The best thing to do is to reset the VM from the screenshot/backup and do one step after the other again.

Newbie :slight_smile: Now you can.

The place where EGroupware is uninstalled. Perhaps there are clues there as to why the UCS wants to uninstall EGroupware.

Stefan

StefanUEGroupware GmbH
Oct '21

That is a situation the EPL-license is not valid.

image
image.png744x281 93.5 KB

Please check the license under:
/Admin/Applications/EPL-Feautures/License key

Stefan

StefanUEGroupware GmbH
Oct '21

I have testet with an older instance: Upgrade UCS 4.4-8 errata1077 (last 4.4) with working EGroupware to UCS 5:
Works without deinstalling EGroupware

Are you really sure that here:

image
image.png756x208 46.7 KB

you have click on update and not uninstall?

Stefan

11 days later
mikey
Nov '21

Hi StefanU, I will answer as soon as I check everything again. For now, I am quite unhealthy doing so.
Thanks for your help

mikey
Nov '21

Hi, I did a fresh install to double check every step.

  1. I set up a new UCS server
  2. I logged in into egroupware to confirm it works. It did :slight_smile:
  3. I installed Active Directory Connector
  4. I confirmed my existing users were imported into UCS - They were.
  5. I tried to log into egroupware - I got “Permission denied! Can’t connect/bind to LDAP server ‘tls://hostname.domainname.tld:7389’ and dn=‘uid=egroupware-hostname,cn=egroupware,dc=domainname,dc=tld’!”
  6. I confirmed a user egroupware-hostname exist - it does.
  7. I confirmed a group egroupware exists - it does.
  8. I confirmed an ldap server is running and is reachable - it is.
  9. I checked /var/log/auth.log and found:
    Nov 12 19:34:02 ws104 python2.7: pam_unix(univention-management-console:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=Administrator Nov 12 19:34:02 ws104 python2.7: pam_krb5(univention-management-console:auth): user Administrator authenticated as Administrator@DOMAINNAME.TLD (expired) Nov 12 19:34:13 ws104 ldapsearch: DIGEST-MD5 common mech free Nov 12 19:34:13 ws104 ldapsearch: DIGEST-MD5 common mech free Nov 12 19:34:13 ws104 ldapsearch: DIGEST-MD5 common mech free Nov 12 19:34:51 ws104 ldapsearch: DIGEST-MD5 common mech free Nov 12 19:34:51 ws104 ldapsearch: DIGEST-MD5 common mech free Nov 12 19:34:51 ws104 ldapsearch: DIGEST-MD5 common mech free Nov 12 19:35:01 ws104 CRON[31544]: pam_unix(cron:session): session opened for user root by (uid=0) Nov 12 19:35:01 ws104 CRON[31544]: pam_unix(cron:session): session closed for user root Nov 12 19:35:18 ws104 python2.7: pam_unix(univention-management-console:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=my_ad_admin_user Nov 12 19:35:19 ws104 python2.7: pam_krb5(univention-management-console:auth): user my_ad_admin_user authenticated as my_ad_admin_user@DOMAINNAME.TLD
  10. I don’t know wether it is an error or not 9my domainname in capital letters)
  11. And I am stucked again :wink:

I thought an UCS server would be interesting but I got much more trouble than I would want in my production enviroment.

For now I have set up an egw instance on ubuntu machine and it works very well. As expected one could say :slight_smile:

StefanUEGroupware GmbH
Nov '21

Hi Mikey.

OK.
This is not so much an error/problem with EGroupware.
The problem occurs when the system tries to authenticate a user against LDAP.

If you want to approach this problem again, it makes sense to ask this in the Univention forum:

UCS is interesting if you want to run applications (which are offered in the App-Center) in a Microsoft Windows environment.
Or if you want to operate a domain on the basis of UCS as a directory service.

:+1:

Stefan