Hallo Josef,
kannst du mal das setup.log posten?
von der linuxmuster.lan
installation.
Hast du als OPNsensepasswort
Muster!
verwendet?
Hast du beim global-admin
ein seltsames Sonderzeichen verwendet?
Bei jeder Testinstallation das gleiche?
LG
Holger
Hey Holger,
ist ein sandbox Server, daher über Muster! Immer das selbe PW
------------------------------------------------------------------------------
#### linuxmuster-setup startet at 2024-03-10 21:52:14 ####
------------------------------------------------------------------------------
Custom inifile /root/config.txt given on cli, ignoring other arguments!
------------------------------------------------------------------------------
#### ini ####
#### Reading /usr/share/linuxmuster/setupdefaults.ini .......... Success! ####
#### Reading /var/lib/linuxmuster/setup.ini .................... Success! ####
#### Reading /var/cache/linuxmuster/custom.ini ................. Success! ####
#### * Domainname .................................. jdsr.linuxmuster.lan ####
#### * Servername ................................................ server ####
#### * Server-IP ............................................... 10.0.0.1 ####
#### * Bitmask ....................................................... 16 ####
#### * DHCP range ................................. 10.0.0.100-10.0.0.200 ####
#### * Firewall IP ........................................... 10.0.0.254 ####
#### Creating global binduser secret ........................... Success! ####
#### Writing setup ini file .................................... Success! ####
------------------------------------------------------------------------------
#### general-dialog ####
#### Reading setup data ........................................ Success! ####
Server hostname: server
Netbios name: SERVER
Domain name: linuxmuster.lan
BaseDN: DC=linuxmuster,DC=lan
REALM: LINUXMUSTER.LAN
Sambadomain: LINUXMUSTER
DHCP range: 10.0.0.100 10.0.0.200
#### Writing input to setup ini file ........................... Success! ####
#### Setting root password ..................................... Success! ####
------------------------------------------------------------------------------
#### templates ####
#### Reading setup data ........................................ Success! ####
#### Processing config templates: ####
#### * rsyncd.conf ............................................. Success! ####
#### * cupsd.conf .............................................. Success! ####
#### * subnets.csv ............................................. Success! ####
#### * rsync.override.conf ..................................... Success! ####
#### * dhcpd.subnets.conf ...................................... Success! ####
#### * dhcpd.conf .............................................. Success! ####
#### * dhcpd.custom.conf ....................................... Success! ####
#### * smb.conf ................................................ Success! ####
#### * smb.conf.admin .......................................... Success! ####
#### * ntp.conf ................................................ Success! ####
#### * nsswitch.conf ........................................... Success! ####
#### * dhcpd.apparmor.d ........................................ Success! ####
#### * dhcpd.events.conf ....................................... Success! ####
#### * dhcpd.devices.conf ...................................... Success! ####
#### * webui-sudoers ........................................... Success! ####
#### * devices.csv ............................................. Success! ####
#### * ntpd.apparmor.d ......................................... Success! ####
#### Server prepare update ..................................... Success! ####
#### Adjusting server time .......................... 2024-03-10 21:52:40 ####
------------------------------------------------------------------------------
#### fstab ####
#### Modifying mount options for / ............................. Success! ####
#### Remounting / .............................................. Success! ####
------------------------------------------------------------------------------
#### ssl ####
#### Reading setup data ........................................ Success! ####
#### Creating private CA key & certificate ..................... Success! ####
#### Creating private server key & certificate ..................Success! ####
#### Creating private firewall key & certificate ................Success! ####
#### Ensure key and certificate permissions .................... Success! ####
------------------------------------------------------------------------------
#### ssh ####
#### Reading setup data ........................................ Success! ####
#### Stopping ssh service ...................................... Success! ####
#### Creating ssh host keys .................................... Success! ####
#### Creating ssh root keys: ####
#### * dsa key ................................................. Success! ####
#### * ecdsa key ............................................... Success! ####
#### * ed25519 key ............................................. Success! ####
#### * rsa key ................................................. Success! ####
#### starting ssh service ...................................... Success! ####
------------------------------------------------------------------------------
#### linbo ####
#### Reading setup data ........................................ Success! ####
#### Creating rsync secrets file ............................... Success! ####
#### Providing server ip to linbo start.conf files ............. Success! ####
#### Activating linbo-torrent service .......................... Success! ####
#### Reconfiguring linbo (forking to background) ............... Success! ####
------------------------------------------------------------------------------
#### samba-provisioning ####
#### Stopping samba services ................................... Success! ####
#### Reading setup data ........................................ Success! ####
#### Generating AD admin password .............................. Success! ####
#### Provisioning samba ........................................ Success! ####
#### Provisioning krb5 ......................................... Success! ####
#### Enabling samba services ................................... Success! ####
#### Backing up samba .......................................... Success! ####
#### Provisioning sophomorix samba schema ...................... Success! ####
#### Fixing resolv.conf ........................................ Success! ####
#### Exchanging smb.conf ....................................... Success! ####
#### Starting samba ad dc service .............................. Success! ####
------------------------------------------------------------------------------
#### samba-users ####
#### Reading setup data ........................................ Success! ####
#### Backing up samba .......................................... Success! ####
#### Creating share for default-school ......................... Success! ####
#### Creating samba account for global-admin ................... Success! ####
#### Creating samba account for global-binduser ................ Success! ####
#### No expiry for administrative passwords .................... Success! ####
#### Creating ou for default-school ............................ Success! ####
#### Creating samba account for pgmadmin ....................... Success! ####
#### Creating samba account for dns-admin ...................... Success! ####
#### Masking passwords in logfile .............................. Success! ####
------------------------------------------------------------------------------
#### add-server ####
#### Reading setup data ........................................ Success! ####
#### Creating device entries for: ####
#### * server ................................ 10.0.0.1 bc:24:11:d6:25:3a ####
#### * firewall ............................ 10.0.0.254 BC:24:11:0C:15:CA ####
------------------------------------------------------------------------------
#### firewall ####
#### Reading setup data ........................................ Success! ####
#### Calculating radius secret ................................. Success! ####
#### Downloading firewall configuration: ####
#### get 10.0.0.254 /conf/config.xml /var/cache/linuxmuster/opnsense.xml ####
#### * Download finished successfully. ####
#### * Backing up .............................................. Success! ####
#### * Reading current config .................................. Success! ####
#### * Reading certificates & ssh key .......................... Success! ####
#### * Creating xml configuration file ......................... Success! ####
#### * Saving api credentials .................................. Success! ####
#### Uploading firewall configuration: ####
#### put 10.0.0.254 /var/cache/linuxmuster/opnsense.xml /tmp/opnsense.xml ####
#### * Upload finished successfully. ####
#### Creating web proxy sso auth config file ####
#### put 10.0.0.254 /tmp/pre-auth.conf /tmp/pre-auth.conf ####
#### Installing extensions and rebooting firewall ####
#### put 10.0.0.254 /usr/share/linuxmuster/firewall/opnsense/fwsetup.sh /tmp/fwsetup.sh ####
#### Executing ssh command on 10.0.0.254: ####
#### * -> "chmod +x /tmp/fwsetup.sh" ####
#### * SSH connection successfully established. ####
#### * SSH command execution finished successfully. ####
#### Executing ssh command on 10.0.0.254: ####
#### * -> "/tmp/fwsetup.sh" ####
#### * SSH connection successfully established. ####
#### * SSH command execution finished successfully. ####
------------------------------------------------------------------------------
#### webui ####
* Create Webui Configuration
* Create Webui Upload Folder
* WebUI Setup Success!
------------------------------------------------------------------------------
#### final ####
#### Reading setup data ........................................ Success! ####
#### Restarting apparmor service ............................... Success! ####
#### Writing school name to school.conf ........................ Success! ####
#### Starting device import .................................... Success! ####
#### Waiting for opnsense to come up ####
#### Executing ssh command on 10.0.0.254: ####
#### * -> "exit" ####
#### * SSH connection successfully established. ####
#### Starting subnets import ................................... Success! ####
#### Creating web proxy sso keytab ............................. Success! ####
#### Removing admin password from setup.ini .................... Success! ####
------------------------------------------------------------------------------
#### linuxmuster-setup finished at 2024-03-10 21:55:32 ####
------------------------------------------------------------------------------Danke! und Gruß
Josef
Hallo Josef,
kannst du mal bitte folgende Befehle ausführen:
linuxmuster-import-devices
und
sophomorix-check
sophomorix-add
LG
Holger
Hey Holger,
linuxmuster-import-devices
------------------------------------------------------------------------------
#### linuxmuster-import-devices startet at 2024-03-10 22:54:11 ####
------------------------------------------------------------------------------
#### Starting sophomorix-device syntax check: ####
#### sophomorix-device finished OK! ####sophomorix-check
Command line::
Hmmh. do not know what to do with option info
Option verbose is a modifier option
Option json is a modifier option
* forcing info mode
Option combinations successfully checked
OK: SophomorixSchemaVersion 1 matches required Version 1
#### Reading /usr/share/sophomorix/devel/sophomorix.ini ####
#### Distro-check: Ubuntu 22.04 is OK ####
#### Reading /etc/samba/smb.conf ####
#### Reading /usr/lib/linuxmuster-webui/etc/default-ui-permissions.ini ####
#### Parsing: net conf list ####
#### Asking domain passwordsettings from samba ####
#### Reading /etc/linuxmuster/sophomorix/sophomorix.conf ####
#### Reading /etc/linuxmuster/sophomorix/default-school/school.conf ####
#### 0 ERRORS, 0 WARNINGS -> let's go ####
#### Creating lock in /var/lib/sophomorix/lock/sophomorix.lock ####
#### /usr/sbin/sophomorix-check started ... ####
#### Cleaning up last check ####
#### Reading injected lines ... ####
#### 0 ERRORS, 0 WARNINGS -> let's go ####
#### Searching AD for users ... ####
#### Query AD (begin) ####
#### Query AD (end) ####
#### ### School default-school: Matching lines in files to users in AD ... ####
#### unidMATCH: 0 CHECKED in default-school, MATCH: 0, NOMATCH: 0, NOunid: 0 ####
#### exactMATCH: 0 CHECKED in default-school, MATCH: 0, NOMATCH: 0 ####
#### approxMATCH: 0 CHECKED in default-school, MATCH: 0 (Edit distance: 1) ####
#### ## School default-school ... Done! ####
#### Removing lock in /var/lib/sophomorix/lock/sophomorix.lock ####
#### /usr/sbin/sophomorix-check terminated regularly ####
Calling console printout
LOG : /usr/sbin/sophomorix-check terminated regularly
##### Overview of what can be done:
0 users can be added in sophomorix.add
0 users can be updated in sophomorix.update
0 users can be killed in sophomorix.kill
0 users are not to be changed in sophomorix.nochange
0 users with errors in sophomorix.error UND
sophomorix-add
Command line::
Hmmh. do not know what to do with option info
Option verbose is a modifier option
Option json is a modifier option
* forcing info mode
Option combinations successfully checked
OK: SophomorixSchemaVersion 1 matches required Version 1
#### Reading /usr/share/sophomorix/devel/sophomorix.ini ####
#### Distro-check: Ubuntu 22.04 is OK ####
#### Reading /etc/samba/smb.conf ####
#### Reading /usr/lib/linuxmuster-webui/etc/default-ui-permissions.ini ####
#### Parsing: net conf list ####
#### Asking domain passwordsettings from samba ####
#### Reading /etc/linuxmuster/sophomorix/sophomorix.conf ####
#### Reading /etc/linuxmuster/sophomorix/default-school/school.conf ####
#### 0 ERRORS, 0 WARNINGS -> let's go ####
#### Creating lock in /var/lib/sophomorix/lock/sophomorix.lock ####
#### /usr/sbin/sophomorix-add started ... ####
No users added -> No hook scripts run.
#### Removing lock in /var/lib/sophomorix/lock/sophomorix.lock ####
#### /usr/sbin/sophomorix-add terminated regularly ####
Calling console printout
LOG : /usr/sbin/sophomorix-add terminated regularly
0 users added
Sieht für mich ok aus.
Gruß
Josef
Hallo Josef,
die uniqueness Meldungen hab ich auch im log, wie ich vorhin bemerkt habe (da hab ich in die Logs wegen eines anderen Treads geschaut).
[2024/03/08 09:42:15.633254, 0] ../../source4/dsdb/samdb/ldb_modules/samldb.c:3992(samldb_spn_uniqueness_check)
samldb_spn_uniqueness_check: SPN HOST/SERVER failed direct uniqueness check
[2024/03/08 09:51:11.779429, 0] ../../source4/dsdb/samdb/ldb_modules/samldb.c:3906(check_spn_direct_collision)
check_spn_direct_collision: SPN 'HOST/SERVER' is on 'CN=SERVER,OU=Domain Controllers,DC=bzpf,DC=lan' so it can't be added to 'CN=SERVER,OU=server,OU=Devices,OU=default-school,OU=SCHOOLS,DC=bzpf,DC=lan'
LG
Holger