Beim versuch update-univention durchzufuehren scheitert es, wie es schein, an LDAP permissions.
Code: Alles auswählen
5] [Dez 18 13:26:35] Creating ldap backend instance (opsi-setup|599)
[5] [Dez 18 13:26:35] Testing ldap schema (opsi-setup|605)
[2] [Dez 18 13:26:35] Traceback: (Logger.py|742)
[2] [Dez 18 13:26:35] line 3137 in '<module>' in file '/usr/bin/opsi-setup' (Logger.py|742)
[2] [Dez 18 13:26:35] line 3107 in 'main' in file '/usr/bin/opsi-setup' (Logger.py|742)
[2] [Dez 18 13:26:35] line 587 in 'updateUniventionBackend' in file '/usr/bin/opsi-setup' (Logger.py|742)
[2] [Dez 18 13:26:35] line 616 in 'updateLDAPBackend' in file '/usr/bin/opsi-setup' (Logger.py|742)
[2] [Dez 18 13:26:35] ==>>> Test of opsi-ldap 4.0 schema failed: Backend I/O error: {'info': 'no write access to entry', 'desc': 'Insufficient access'}, Please verify opsi.schema and restart slapd. (opsi-setup|3145)
ERROR: Test of opsi-ldap 4.0 schema failed: Backend I/O error: {'info': 'no write access to entry', 'desc': 'Insufficient access'}, Please verify opsi.schema and restart slapd.Code: Alles auswählen
ldapObj = LDAPObject(u"cn=opsi-config-test,%s" % config['opsiBaseDn'])
ldapObj.new("opsiProductOnClient")
ldapObj.setAttribute('opsiProductId', ['test'])
ldapObj.setAttribute('opsiClientId', ['test.domain.tld'])
ldapObj.setAttribute('opsiProductType', ['LocalbootProduct'])
ldapObj.writeToDirectory(ldapSession)
ldapObj.deleteFromDirectory(ldapSession)
except Exception, e:
raise Exception(u'Test of opsi-ldap 4.0 schema failed: %s, Please verify opsi.schema and restart slapd.' % e)
Ich hab mir slapd.conf etwas angesehen und verstehe nicht warum es nicht funktioniert, ich habe auch ein workaround probiert indem ich die letzte zeile durch ein
"by * write"
ersetzt habe, aber auch ohne erfolg.
Code: Alles auswählen
# children of cn=opsi with the following objectClasses might be added and
# deleted at will
access to dn.regex="^.*,cn=[^,]+,cn=opsi,dc=myserver,dc=at$"
attrs="entry,children,@opsiNetworkConfig,@opsiGeneralConfig,@organizationalRole,@opsiProduct,@opsiServerProduct,@opsiLocalBootProduct,@opsiNetBootProduct,@opsiProductClass,@opsiDependency,@opsiProductDependency,@opsiProductClassDependency,@opsiConfig,@opsiUnicodeConfig,@opsiBoolConfig,@opsiConfigState,@opsiProductProperty,@opsiUnicodeProductProperty,@opsiBoolProductProperty,@opsiGroup,@opsiHostGroup,@opsiProductGroup,@opsiProductState,@opsiProductPropertyDefinition,@opsiProductOnDepot,@opsiProductOnClient,@opsiProductPropertyState,structuralObjectClass,entryCSN,entryUUID,modifyTimestamp,modifiersName,createTimestamp,creatorsName,entryDN,subschemaSubentry,hasSubordinates"
by group/univentionGroup/uniqueMember="cn=DC Backup Hosts,cn=groups,dc=myserver,dc=at" write
by group/univentionGroup/uniqueMember="cn=DC Slave Hosts,cn=groups,dc=myserver,dc=at" write
by group/univentionGroup/uniqueMember="cn=OPSI Depot Servers,cn=groups,dc=myserver,dc=at" write
by * none break
Installiert habe ich:
Code: Alles auswählen
ii opsi-atftpd 0.7.dfsg-1.4 advanced TFTP server - opsi version with pcr
ii opsi-configed 4.0.1.16-1 OPSI config editor
ii opsi-linux-bootimage 20110926-1 opsi linux bootimage
ii opsi-utils 4.0.1.15-1 opsi utils
ii opsi4ucs 4.0.1.8-1 opsi software deployment for ucs
ii opsi4ucs-ldap-schema 4.0.1.8-1 opsi software deployment ldap extension for
ii opsiconfd 4.0.1.9-4 opsi configuration service
ii opsipxeconfd 4.0.1.4-1 opsi pxe configuration daemon
ii python-opsi 4.0.1.32-1 opsi python library
und da ich schon beim thema opsi4ucs bin ... wird opsi4ucs unter UCS 3.0 supported?
Ich bekomme beim Thema opsi irgendwie den eindruck UCS schickt die leute zum UIB forum, UIB schickt die leute zum OPSI forum.