Verbindungsprobleme nach Serverumzug

Antworten
WolleKette
Beiträge: 61
Registriert: 12 Nov 2013, 15:19

Verbindungsprobleme nach Serverumzug

Beitrag von WolleKette »

Hallo,

wir haben mal versuchsweise eine Umzug von OPSI auf einen neuen Server getestet. Versuchsweise, weil der OPSI Server in einer VM läuft und wir somit einfach zurück können. Der neue Server hat einen identischen Namen und IP-Adresse, nur eben ein aktuelles Ubuntu.

Die Schritte dazu hab ich mir hier aus dem Forum zusammengesucht und es sieht erst mal auch ganz gut aus. Im configed sind alle Gruppen und Clients mit ihren installierten Produkten usw. vorhanden. Nur melden die Clients jetzt beim Verbindungsaufbau einen Fehler:
Failed to convert decrypted text to unicode.
Ich denke mal, das hat was mit dem SSL Server Zertifikat zu tun. Hab schon das Kapitel 7.4 und 7.5 im Handbuch gelesen. Aber weiß jemand, was man da genau austauschen muss bzw. ob das überhaupt funktioniert?
Benutzeravatar
n.wenselowski
Ex-uib-Team
Beiträge: 3194
Registriert: 04 Apr 2013, 12:15

Re: Verbindungsprobleme nach Serverumzug

Beitrag von n.wenselowski »

Hi,

interessant wäre hier zu wissen welche Versionen denn auf den Clients bzw. dem Server laufen.
Außerdem braucht es mehr Kontext für eine solche Fehlermeldung, also bitte nicht zu spärlich mit Log-Ausschnitten sein ;)


Gruß

Niko

Code: Alles auswählen

import OPSI
WolleKette
Beiträge: 61
Registriert: 12 Nov 2013, 15:19

Re: Verbindungsprobleme nach Serverumzug

Beitrag von WolleKette »

Oh, ich war so fixiert auf die Idee, dass es an dem Zertifikat liegt, dass ich auf Zusatzinfos verzichtet hab. Mach ich normalerweise nicht :oops:

Beim Server handelt es sich um die aktuelle Version 4.1.1.4-10 (dpkg-l von opsi-server) unter Ubuntu 18.04.
Der Client-Agent hat die Version 4.1.0.0-14 und läuft auf meinem Pc unter Windows 10 Version 1803.

Die Fehlermeldung hab ich aus dem Dialog-Fenster während des Verbindungsaufbaus abgeschrieben. Sie findet sich aber in der opsiclientd.log.
Ich hab mal für meinen Rechner (wolle.neutron.lan) ein on_demand ausgelöst. Aber das alleine produziert schon über 600 Zeilen Logfile. Ziemlich viel für's Forum. Hier mal ein paar Ausschnitte.

C:\opsi.org\log\opsiclientd.log

Code: Alles auswählen

[6] [Oct 11 14:12:28] [ event processing on_demand{user_logged_in}] Starting ServiceConnectionThread, timeout is 15 seconds   (OpsiService.pyo|164)
[5] [Oct 11 14:12:28] [ service connection            ] Connecting to config server 'https://192.168.11.64:4447' #1   (OpsiService.pyo|326)
[3] [Oct 11 14:12:28] [ service connection            ] Failed to read version info from file u'/etc/opsi/version': [Errno 2] No such file or directory: u'/etc/opsi/version'   (Backend.pyo|206)
[5] [Oct 11 14:12:29] [ service connection            ] Disabling mysql backend and license management module: no customer in modules file   (JSONRPC.pyo|572)
[6] [Oct 11 14:12:29] [ service connection            ] <JSONRPCBackend(host=u'192.168.11.64', deflate=False)>: Connected to service   (JSONRPC.pyo|497)
[3] [Oct 11 14:12:29] [ service connection            ] Refusing to set deflate because opsi service answers with wrong HTTP header contents.   (JSONRPC.pyo|424)
[5] [Oct 11 14:12:29] [ service connection            ] Connected to config server 'https://192.168.11.64:4447'   (OpsiService.pyo|355)
[5] [Oct 11 14:12:33] [ event processing on_demand{user_logged_in}] Trying to read config from file: 'C:\Program Files (x86)\opsi.org\opsi-client-agent\opsiclientd\opsiclientd.conf'   (Config.pyo|283)
[6] [Oct 11 14:12:33] [ event processing on_demand{user_logged_in}] Setting config value global.log_file   (Config.pyo|204)
[6] [Oct 11 14:12:33] [ event processing on_demand{user_logged_in}] Setting config value global.log_level   (Config.pyo|204)
[6] [Oct 11 14:12:33] [ event processing on_demand{user_logged_in}] Setting config value global.host_id   (Config.pyo|204)
C:\opsi.org\log\opsiclientd.log

Code: Alles auswählen

[6] [Oct 11 14:12:34] [ opsiclientd                   ] Searching pids of process name winlogon.exe (session id: 1)   (Windows.pyo|1447)
[6] [Oct 11 14:12:34] [ opsiclientd                   ] Found process winlogon.exe with matching name (pid 684, session 1)   (Windows.pyo|1470)
[5] [Oct 11 14:12:34] [ opsiclientd                   ] Executing: 'C:\Program Files (x86)\opsi.org\opsi-client-agent\\opsiclientd_rpc.exe "wolle.neutron.lan" "*** confidential ***" "4441" "setCurrentActiveDesktopName("1", System.getActiveDesktopName())"' in session '1' on desktop 'winsta0\winlogon'   (Windows.pyo|1634)
[6] [Oct 11 14:12:34] [ opsiclientd                   ] Process startet, pid: 5796   (Windows.pyo|1637)
[6] [Oct 11 14:12:34] [ opsiclientd                   ] Waiting for process ending: 5796 (timeout: 60 seconds)   (Windows.pyo|1640)
[6] [Oct 11 14:12:36] [ control server                ] Worker <ocdlib.ControlServer.WorkerOpsiclientdJsonRpc instance at 0x027766C0> started processing   (Worker.pyo|251)
[5] [Oct 11 14:12:36] [ control pipe                  ] New session created   (Session.pyo|184)
[5] [Oct 11 14:12:36] [ control server                ] Authorization request from wolle.neutron.lan@127.0.0.1 (application: opsi jsonrpc module version 4.0.7.28)   (ControlServer.pyo|162)
[5] [Oct 11 14:12:36] [ opsiclientd                   ] -----> Executing: backend_getInterface()   (JsonRpc.pyo|134)
[6] [Oct 11 14:12:36] [ opsiclientd                   ] Got result   (JsonRpc.pyo|142)
[6] [Oct 11 14:12:37] [ control server                ] Worker <ocdlib.ControlServer.WorkerOpsiclientdJsonRpc instance at 0x02B8C698> started processing   (Worker.pyo|251)
[6] [Oct 11 14:12:37] [ control server                ] Reusing session for client '127.0.0.1', application 'opsi jsonrpc module version 4.0.7.28'   (Worker.pyo|397)
[5] [Oct 11 14:12:37] [ control server                ] Authorization request from wolle.neutron.lan@127.0.0.1 (application: opsi jsonrpc module version 4.0.7.28)   (ControlServer.pyo|162)
[5] [Oct 11 14:12:37] [ opsiclientd                   ] -----> Executing: setCurrentActiveDesktopName(1, u'Default')   (JsonRpc.pyo|134)
[5] [Oct 11 14:12:37] [ opsiclientd                   ] rpc setCurrentActiveDesktopName: current active desktop name for session 1 set to 'Default'   (ControlServer.pyo|565)
[6] [Oct 11 14:12:37] [ opsiclientd                   ] Got result   (JsonRpc.pyo|142)
[6] [Oct 11 14:12:38] [ control server                ] Worker <ocdlib.ControlServer.WorkerOpsiclientdJsonRpc instance at 0x02B8C620> started processing   (Worker.pyo|251)
[6] [Oct 11 14:12:38] [ control server                ] Reusing session for client '127.0.0.1', application 'opsi jsonrpc module version 4.0.7.28'   (Worker.pyo|397)
[5] [Oct 11 14:12:38] [ control server                ] Authorization request from wolle.neutron.lan@127.0.0.1 (application: opsi jsonrpc module version 4.0.7.28)   (ControlServer.pyo|162)
[5] [Oct 11 14:12:38] [ opsiclientd                   ] -----> Executing: backend_exit()   (JsonRpc.pyo|134)
[6] [Oct 11 14:12:38] [ opsiclientd                   ] Got result   (JsonRpc.pyo|142)
[5] [Oct 11 14:12:38] [ opsiclientd                   ] Process 5796 ended with exit code 0   (Windows.pyo|1650)
[2] [Oct 11 14:12:38] [ event config gui_startup{cache_ready}] Traceback:   (Logger.pyo|757)
[2] [Oct 11 14:12:38] [ event config gui_startup{cache_ready}]   File "OPSI\Backend\JSONRPC.pyo", line 103, in processResult
   (Logger.pyo|757)
[2] [Oct 11 14:12:38] [ event config gui_startup{cache_ready}]      ==>>> Failed to convert decrypted text to unicode.   (JSONRPC.pyo|111)
[2] [Oct 11 14:12:38] [ event processing on_demand{user_logged_in}] Traceback:   (Logger.pyo|757)
[2] [Oct 11 14:12:38] [ event processing on_demand{user_logged_in}]   File "ocdlib\EventProcessing.pyo", line 677, in processProductActionRequests
   (Logger.pyo|757)
[2] [Oct 11 14:12:38] [ event processing on_demand{user_logged_in}]   File "ocdlib\EventProcessing.pyo", line 771, in runActions
   (Logger.pyo|757)
[2] [Oct 11 14:12:38] [ event processing on_demand{user_logged_in}]   File "ocdlib\Config.pyo", line 533, in getDepotserverCredentials
   (Logger.pyo|757)
[2] [Oct 11 14:12:38] [ event processing on_demand{user_logged_in}]   File "<string>", line 1, in user_getCredentials
   (Logger.pyo|757)
[2] [Oct 11 14:12:38] [ event processing on_demand{user_logged_in}]   File "OPSI\Backend\JSONRPC.pyo", line 679, in _jsonRPC
   (Logger.pyo|757)
[2] [Oct 11 14:12:38] [ event processing on_demand{user_logged_in}]   File "OPSI\Backend\JSONRPC.pyo", line 148, in execute
   (Logger.pyo|757)
[2] [Oct 11 14:12:38] [ event processing on_demand{user_logged_in}]   File "OPSI\Backend\Backend.pyo", line 148, in waitForResult
   (Logger.pyo|757)
[2] [Oct 11 14:12:38] [ event processing on_demand{user_logged_in}]      ==>>> Failed to convert decrypted text to unicode.   (EventProcessing.pyo|695)
[3] [Oct 11 14:12:38] [ event processing on_demand{user_logged_in}] Failed to process product action requests: Failed to convert decrypted text to unicode.   (EventProcessing.pyo|696)
[5] [Oct 11 14:12:41] [ event processing on_demand{user_logged_in}] Trying to read config from file: 'C:\Program Files (x86)\opsi.org\opsi-client-agent\opsiclientd\opsiclientd.conf'   (Config.pyo|283)
Und dann hätten wir noch Auszüge aus der opsiclientd.conf

C:\Program Files (x86)\opsi.org\opsi-client-agent\opsiclientd\opsiclientd.conf

Code: Alles auswählen

[global]

log_level = 6
host_id = wolle.neutron.lan
opsi_host_key = c08fd166cb3ca5d47eb44624b44462ca

# Verify opsi server certs
verify_server_cert = False

# Verify opsi server certs by ca
verify_server_cert_by_ca = False

....

server_cert_dir = C:\opsi.org\opsiclientd\server-certs
state_file = C:\opsi.org\opsiclientd\state.json
timeline_db = C:\opsi.org\opsiclientd\timeline.sqlite

...

[control_server]

# The network interfaces to bind to.
# This must be the IP address of an network interface.
# Use 0.0.0.0 to listen to all interfaces
interface = 0.0.0.0

# The port where opsiclientd will listen for HTTPS rpc requests.
port = 4441

# The location of the server certificate.
ssl_server_cert_file = %global.base_dir%\\opsiclientd\\opsiclientd.pem

# The location of the server private key
ssl_server_key_file = %global.base_dir%\\opsiclientd\\opsiclientd.pem

# The location of the static files
static_dir = %global.base_dir%\\opsiclientd\\static_html

# The maximum number of authentication failures before a client ip
# is blocked for an amount of time.
max_authentication_failures = 5
Benutzeravatar
n.wenselowski
Ex-uib-Team
Beiträge: 3194
Registriert: 04 Apr 2013, 12:15

Re: Verbindungsprobleme nach Serverumzug

Beitrag von n.wenselowski »

Hi,

das Problem scheint tief zu liegen.
Stell mal das Loglevel höher und schau dir die Logs an!


Gruß

Niko

Code: Alles auswählen

import OPSI
Antworten