Domain systems can't connect to host

Hi, I have a strange issue.
When I try to start an SSH session to my mail server from a domain workstation, I receive an error message: “Connection refused”.
When I connect to the same server from a system which isn’t a domain member, it works as expected.
And an SSH connection from the UNC domain controller also works without an issue.

The strange thing is that after a couple of hours, it works.
But as soon as I reboot the server, it happens again.

And the Zarafa log also shows me the following:
Tue Aug 2 10:29:15 2016: [ notice] Starting zarafa-server version 7,2,4,29, pid 8008
Tue Aug 2 10:41:04 2016: [error ] LDAP search error: Can’t contact LDAP server. Will unbind, reconnect and retry.

But I receive new mails.

It looks like the LDAP server on this system is not working, at least during these times.
I’d try to see if there are hints in the standard logs in /var/log.

I agree with you that it looks like an LDAP issue, but I’ve no idea where I can find the right solution.

I’ve no problem accessing a file share or logging on to a workstation on the domain,
and I can log on to the other server without an issue.

So it really looks like an issue on the mail server itself.
When I open the join script, I see the following.

RUNNING 35univention-management-console-module-reboot.inst
EXITCODE=already_executed
RUNNING 35univention-management-console-module-services.inst
EXITCODE=already_executed
RUNNING 35univention-management-console-module-setup.inst
EXITCODE=already_executed
RUNNING 35univention-management-console-module-sysinfo.inst
EXITCODE=already_executed
RUNNING 35univention-management-console-module-top.inst
EXITCODE=already_executed
RUNNING 35univention-management-console-module-ucr.inst
EXITCODE=already_executed
RUNNING 35univention-management-console-module-updater.inst
EXITCODE=already_executed
RUNNING 36univention-management-console-module-apps.inst
EXITCODE=already_executed
RUNNING 70zarafa4ucs-udm.inst
EXITCODE=already_executed
RUNNING 70zarafa4ucs-webapp-update.inst
EXITCODE=already_executed
RUNNING 70zarafa4ucs.inst
EXITCODE=already_executed
RUNNING 71zarafa4ucs-webapp.inst
EXITCODE=already_executed
RUNNING 81univention-nfs-server.inst
EXITCODE=already_executed
RUNNING 92univention-management-console-web-server.inst
EXITCODE=already_executed
RUNNING 98univention-pkgdb-tools.inst
EXITCODE=already_executed
RUNNING 99zarafa4ucs-safemode-off.inst
EXITCODE=already_executed

Fri Jul 29 21:52:14 CEST 2016
univention-run-join-scripts finished

Sun Jul 31 01:05:47 2016: [error ] M4LMsgServiceAdmin::ConfigureMsgService() MSGServiceEntry failed 80040115: network error
Terminating on signal 15

All the scripts are successfully applied. Is it an option to rerun one of the scripts?

The fact that there are no outstanding join tasks (which can also be checked with “univention-check-join-status”) doesn’t necessarily mean that everything is working.
“M4LMsgServiceAdmin” is caused by Zarafa and most likely unrelated.

I can only repeat that the standard logs may have more information.

Best Regards,
Dirk

Here I am again.
As you know, from time to time I had the above problem that I can’t connect to my mail server from any device in my domain.
One day later everything then works as expected, as long as the mail server doesn’t reboot.

In the last weeks, I didn’t see any issue; log-on worked well.
So yesterday I installed the latest updates on my DC without any issue.
Today I installed the updates on the mail server, and again I can’t connect to the server from any host on the domain.
And when I connect to it from outside the domain, it works fine.

Is this related to the Comodo certificate that’s on this server, instead of the server’s own certificate?
Sorry, I’m more familiar with Windows servers, so I need some help from the forum.

And when I can’t connect to the mail server, the SSH connection fails as well.
But when I connect to the DC with an SSH connection and go from there to the mail server, it works without an issue.

Hi goudduif,
as already mentioned before, you need to post the standard logs from your mail-server. Without that information it’s only a shot in the dark.
Please take a look into the directory /var/log/. Check the files auth.log, messages and syslog for errors / warnings. Post the content / errors /warnings of those files here in this thread.

Example for opening the files with a simple editor (as root or privileged user):

root@mailserver:~$ cd /var/log/
root@mailserver:~$ nano auth.log
It would be best if you force the error to appear, then look into the logs and post the output.

/var/log/auth.log

Sep 14 23:00:02 MailServer CRON[6870]: pam_krb5(cron:session): pam_sm_close_session: entry (silent)
Sep 14 23:00:02 MailServer CRON[6870]: pam_krb5(cron:session): pam_sm_close_session: exit (success)
Sep 14 23:00:02 MailServer CRON[6873]: pam_unix(cron:session): session closed for user root
Sep 14 23:00:02 MailServer CRON[6873]: pam_krb5(cron:session): pam_sm_close_session: entry (silent)
Sep 14 23:00:02 MailServer CRON[6873]: pam_krb5(cron:session): pam_sm_close_session: exit (success)
Sep 14 23:00:04 MailServer CRON[6869]: pam_unix(cron:session): session closed for user root
Sep 14 23:00:04 MailServer CRON[6869]: pam_krb5(cron:session): pam_sm_close_session: entry (silent)
Sep 14 23:00:04 MailServer CRON[6869]: pam_krb5(cron:session): pam_sm_close_session: exit (success)
Sep 14 23:00:06 MailServer CRON[6874]: pam_unix(cron:session): session closed for user root
Sep 14 23:00:06 MailServer CRON[6874]: pam_krb5(cron:session): pam_sm_close_session: entry (silent)
Sep 14 23:00:06 MailServer CRON[6874]: pam_krb5(cron:session): pam_sm_close_session: exit (success)
Sep 14 23:05:01 MailServer CRON[7007]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 14 23:05:01 MailServer CRON[7008]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 14 23:05:01 MailServer CRON[7008]: pam_krb5(cron:session): pam_sm_open_session: entry (silent)
Sep 14 23:05:01 MailServer CRON[7007]: pam_krb5(cron:session): pam_sm_open_session: entry (silent)
Sep 14 23:05:01 MailServer CRON[7007]: pam_krb5(cron:session): no context found, creating one
Sep 14 23:05:01 MailServer CRON[7008]: pam_krb5(cron:session): no context found, creating one
Sep 14 23:05:01 MailServer CRON[7007]: pam_krb5(cron:session): ignoring low-UID user (0 < 1000)
Sep 14 23:05:01 MailServer CRON[7007]: pam_krb5(cron:session): pam_sm_open_session: exit (ignore)
Sep 14 23:05:01 MailServer CRON[7008]: pam_krb5(cron:session): ignoring low-UID user (0 < 1000)
Sep 14 23:05:01 MailServer CRON[7008]: pam_krb5(cron:session): pam_sm_open_session: exit (ignore)
Sep 14 23:05:01 MailServer CRON[7009]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 14 23:05:01 MailServer CRON[7009]: pam_krb5(cron:session): pam_sm_open_session: entry (silent)
Sep 14 23:05:01 MailServer CRON[7009]: pam_krb5(cron:session): no context found, creating one
Sep 14 23:05:01 MailServer CRON[7009]: pam_krb5(cron:session): ignoring low-UID user (0 < 1000)
Sep 14 23:05:01 MailServer CRON[7009]: pam_krb5(cron:session): pam_sm_open_session: exit (ignore)
Sep 14 23:05:01 MailServer CRON[7009]: pam_unix(cron:session): session closed for user root
Sep 14 23:05:01 MailServer CRON[7009]: pam_krb5(cron:session): pam_sm_close_session: entry (silent)
Sep 14 23:05:01 MailServer CRON[7009]: pam_krb5(cron:session): pam_sm_close_session: exit (success)
Sep 14 23:05:30 MailServer sshd[7037]: Accepted keyboard-interactive/pam for root from 10.0.0.205 port 61050 ssh2
Sep 14 23:05:30 MailServer sshd[7037]: pam_unix(sshd:session): session opened for user root by (uid=0)
Sep 14 23:05:30 MailServer sshd[7037]: pam_krb5(sshd:session): pam_sm_open_session: entry
Sep 14 23:05:30 MailServer sshd[7037]: pam_krb5(sshd:session): no context found, creating one
Sep 14 23:05:30 MailServer sshd[7037]: pam_krb5(sshd:session): ignoring low-UID user (0 < 1000)
Sep 14 23:05:30 MailServer sshd[7037]: pam_krb5(sshd:session): pam_sm_open_session: exit (ignore)
Sep 14 23:05:30 MailServer sshd[7037]: subsystem request for sftp by user root

/var/log/syslog

Sep 14 22:20:01 MailServer /USR/SBIN/CRON[6446]: (root) CMD (if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg.cfg ] && [ -d "$(grep '^[[:space:]]*[^#]*[[:space:]]*WorkDir' /etc/mrtg.cfg | awk '{ print $NF }')" ]; then mkdir -p /var/log/mrtg ; env LANG=C /usr/bin/mrtg /etc/mrtg.cfg 2>&1 | tee -a /var/log/mrtg/mrtg.log ; fi)
Sep 14 22:20:01 MailServer /USR/SBIN/CRON[6453]: (root) CMD ( if [ -x /usr/sbin/univention-umount-homedirs ]; then /usr/sbin/univention-umount-homedirs; fi)
Sep 14 22:20:01 MailServer /USR/SBIN/CRON[6455]: (root) CMD (/usr/share/univention-ssl/ssl-sync >>/var/log/univention/ssl-sync.log 2>&1)
Sep 14 22:25:01 MailServer /USR/SBIN/CRON[6484]: (root) CMD (if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg.cfg ] && [ -d "$(grep '^[[:space:]]*[^#]*[[:space:]]*WorkDir' /etc/mrtg.cfg | awk '{ print $NF }')" ]; then mkdir -p /var/log/mrtg ; env LANG=C /usr/bin/mrtg /etc/mrtg.cfg 2>&1 | tee -a /var/log/mrtg/mrtg.log ; fi)
Sep 14 22:30:02 MailServer /USR/SBIN/CRON[6526]: (root) CMD (if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg.cfg ] && [ -d "$(grep '^[[:space:]]*[^#]*[[:space:]]*WorkDir' /etc/mrtg.cfg | awk '{ print $NF }')" ]; then mkdir -p /var/log/mrtg ; env LANG=C /usr/bin/mrtg /etc/mrtg.cfg 2>&1 | tee -a /var/log/mrtg/mrtg.log ; fi)
Sep 14 22:30:02 MailServer /USR/SBIN/CRON[6530]: (root) CMD ( if [ -x /usr/sbin/univention-umount-homedirs ]; then /usr/sbin/univention-umount-homedirs; fi)
Sep 14 22:30:02 MailServer /USR/SBIN/CRON[6535]: (root) CMD (/usr/sbin/univention-mrtg)
Sep 14 22:30:02 MailServer /USR/SBIN/CRON[6545]: (root) CMD ([ -x /usr/sbin/univention-system-stats ] && /usr/sbin/univention-system-stats >/dev/null)
Sep 14 22:30:02 MailServer /USR/SBIN/CRON[6572]: (root) CMD ( [ -x /usr/lib/univention-pam/ldap-group-to-file.py ] && /usr/lib/univention-pam/ldap-group-to-file.py --check_member)
Sep 14 22:34:07 MailServer ntpd_intres[4549]: host name not found: BackupDC002.mydomain.nl
Sep 14 22:35:01 MailServer /USR/SBIN/CRON[6642]: (root) CMD (if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg.cfg ] && [ -d "$(grep '^[[:space:]]*[^#]*[[:space:]]*WorkDir' /etc/mrtg.cfg | awk '{ print $NF }')" ]; then mkdir -p /var/log/mrtg ; env LANG=C /usr/bin/mrtg /etc/mrtg.cfg 2>&1 | tee -a /var/log/mrtg/mrtg.log ; fi)
Sep 14 22:39:01 MailServer /USR/SBIN/CRON[6661]: (root) CMD ( [ -x /usr/lib/php5/maxlifetime ] && [ -x /usr/lib/php5/sessionclean ] && [ -d /var/lib/php5 ] && /usr/lib/php5/sessionclean /var/lib/php5 $(/usr/lib/php5/maxlifetime))
Sep 14 22:40:01 MailServer /USR/SBIN/CRON[6684]: (root) CMD ( if [ -x /usr/sbin/univention-umount-homedirs ]; then /usr/sbin/univention-umount-homedirs; fi)
Sep 14 22:40:01 MailServer /USR/SBIN/CRON[6687]: (root) CMD (/usr/share/univention-ssl/ssl-sync >>/var/log/univention/ssl-sync.log 2>&1)
Sep 14 22:40:01 MailServer /USR/SBIN/CRON[6690]: (root) CMD (if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg.cfg ] && [ -d "$(grep '^[[:space:]]*[^#]*[[:space:]]*WorkDir' /etc/mrtg.cfg | awk '{ print $NF }')" ]; then mkdir -p /var/log/mrtg ; env LANG=C /usr/bin/mrtg /etc/mrtg.cfg 2>&1 | tee -a /var/log/mrtg/mrtg.log ; fi)
Sep 14 22:45:01 MailServer /USR/SBIN/CRON[6716]: (root) CMD (/usr/sbin/univention-mrtg)
Sep 14 22:45:01 MailServer /USR/SBIN/CRON[6719]: (root) CMD ( [ -x /usr/lib/univention-pam/ldap-group-to-file.py ] && /usr/lib/univention-pam/ldap-group-to-file.py --check_member)
Sep 14 22:45:01 MailServer /USR/SBIN/CRON[6728]: (root) CMD (if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg.cfg ] && [ -d "$(grep '^[[:space:]]*[^#]*[[:space:]]*WorkDir' /etc/mrtg.cfg | awk '{ print $NF }')" ]; then mkdir -p /var/log/mrtg ; env LANG=C /usr/bin/mrtg /etc/mrtg.cfg 2>&1 | tee -a /var/log/mrtg/mrtg.log ; fi)
Sep 14 22:50:01 MailServer /USR/SBIN/CRON[6826]: (root) CMD ( if [ -x /usr/sbin/univention-umount-homedirs ]; then /usr/sbin/univention-umount-homedirs; fi)
Sep 14 22:50:01 MailServer /USR/SBIN/CRON[6828]: (root) CMD (if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg.cfg ] && [ -d "$(grep '^[[:space:]]*[^#]*[[:space:]]*WorkDir' /etc/mrtg.cfg | awk '{ print $NF }')" ]; then mkdir -p /var/log/mrtg ; env LANG=C /usr/bin/mrtg /etc/mrtg.cfg 2>&1 | tee -a /var/log/mrtg/mrtg.log ; fi)
Sep 14 22:50:09 MailServer ntpd_intres[4549]: host name not found: BackupDC002.mydomain.nl
Sep 14 22:55:01 MailServer /USR/SBIN/CRON[6850]: (root) CMD (if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg.cfg ] && [ -d "$(grep '^[[:space:]]*[^#]*[[:space:]]*WorkDir' /etc/mrtg.cfg | awk '{ print $NF }')" ]; then mkdir -p /var/log/mrtg ; env LANG=C /usr/bin/mrtg /etc/mrtg.cfg 2>&1 | tee -a /var/log/mrtg/mrtg.log ; fi)
Sep 14 23:00:01 MailServer /USR/SBIN/CRON[6894]: (root) CMD ( if [ -x /usr/sbin/univention-umount-homedirs ]; then /usr/sbin/univention-umount-homedirs; fi)
Sep 14 23:00:01 MailServer /USR/SBIN/CRON[6896]: (root) CMD (if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg.cfg ] && [ -d "$(grep '^[[:space:]]*[^#]*[[:space:]]*WorkDir' /etc/mrtg.cfg | awk '{ print $NF }')" ]; then mkdir -p /var/log/mrtg ; env LANG=C /usr/bin/mrtg /etc/mrtg.cfg 2>&1 | tee -a /var/log/mrtg/mrtg.log ; fi)
Sep 14 23:00:01 MailServer /USR/SBIN/CRON[6904]: (root) CMD ([ -x /usr/sbin/univention-system-stats ] && /usr/sbin/univention-system-stats >/dev/null)
Sep 14 23:00:01 MailServer /USR/SBIN/CRON[6903]: (root) CMD ( [ -x /usr/lib/univention-pam/ldap-group-to-file.py ] && /usr/lib/univention-pam/ldap-group-to-file.py --check_member)
Sep 14 23:00:01 MailServer /USR/SBIN/CRON[6907]: (root) CMD (/usr/share/univention-ssl/ssl-sync >>/var/log/univention/ssl-sync.log 2>&1)
Sep 14 23:00:01 MailServer /USR/SBIN/CRON[6912]: (root) CMD (/usr/sbin/univention-mrtg)
Sep 14 23:05:01 MailServer /USR/SBIN/CRON[7019]: (root) CMD ( [ -x /usr/share/univention-updater/univention-updater-check ] && /usr/sbin/jitter 600 /usr/share/univention-updater/univention-updater-check 2> /dev/null > /dev/null)
Sep 14 23:05:01 MailServer /USR/SBIN/CRON[7022]: (root) CMD ( /usr/share/univention-directory-policy/univention-directory-policy-cron)
Sep 14 23:05:01 MailServer /USR/SBIN/CRON[7026]: (root) CMD (if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg.cfg ] && [ -d "$(grep '^[[:space:]]*[^#]*[[:space:]]*WorkDir' /etc/mrtg.cfg | awk '{ print $NF }')" ]; then mkdir -p /var/log/mrtg ; env LANG=C /usr/bin/mrtg /etc/mrtg.cfg 2>&1 | tee -a /var/log/mrtg/mrtg.log ; fi)
Sep 14 23:06:12 MailServer ntpd_intres[4549]: host name not found: BackupDC002.mydomain.nl

/var/log/messages

Sep 13 12:05:33 MailServer kernel: [ 16.520646] ip6_tables: (C) 2000-2006 Netfilter Core Team
Sep 13 12:05:58 MailServer kernel: [ 41.773181] bridge: automatic filtering via arp/ip/ip6tables has been deprecated. Update your scripts to load br_netfilter if you need this.
Sep 14 06:25:13 MailServer rsyslogd: [origin software=“rsyslogd” swVersion=“5.8.11” x-pid=“2850” x-info=“http://www.rsyslog.com”] rsyslogd was HUPed
Sep 14 06:25:13 MailServer rsyslogd: [origin software=“rsyslogd” swVersion=“5.8.11” x-pid=“2850” x-info=“http://www.rsyslog.com”] rsyslogd was HUPed
Sep 14 06:47:44 MailServer spamd.pid[3415]: spamd: restarting using ‘/usr/sbin/spamd --create-prefs --max-children 10 --helper-home-dir -d --pidfile=/var/run/spamd.pid’

Hi goudduif,
thanks for your reply.
The posted log files auth.log and messages are OK, as far as I have seen. In syslog I can see one error:

My first guess is that you should check whether everything in your DNS is configured correctly.
Please also check if there is any difference between the SSH login via IP or FQDN.

Finally, one piece of advice. When you are posting logs, use code tags to make your post more readable. See here http://forum.univention.de/faq.php?mode=bbcode#f2r1
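
As an added example (not part of the original thread), a small shell filter for the log review requested above: it drops the routine CRON and PAM session lines seen in the posted excerpts and groups whatever remains, so a repeated entry such as the ntpd_intres lookup failure stands out. The function names `triage` and `sample_log` and the filter patterns are assumptions chosen for illustration; the sample lines are abridged from the excerpts posted in this thread.

```shell
#!/bin/sh
# Added example: surface the non-routine lines in syslog/auth.log style input.
# The two "routine" filters are assumptions derived from the excerpts in this thread:
#   1. scheduled jobs logged by CRON or /USR/SBIN/CRON
#   2. PAM session open/close messages (pam_unix, pam_krb5)

triage() {
    # stdin: classic syslog lines "Mon DD HH:MM:SS host prog[pid]: message"
    grep -Ev ' (/USR/SBIN/)?CRON\[[0-9]+\]: ' |
    grep -Ev 'pam_(unix|krb5)\([a-z]+:session\)' |
    awk '{
        stamp = $1 " " $2 " " $3
        prog = $5
        sub(/\[[0-9]+\]:$/, "", prog)     # strip "[pid]:"
        sub(/:$/, "", prog)               # or a bare ":" (e.g. kernel:)
        msg = ""
        for (i = 6; i <= NF; i++) msg = msg (i > 6 ? " " : "") $i
        key = prog ": " msg
        if (!(key in count)) { order[++n] = key; first[key] = stamp }
        count[key]++
        last[key] = stamp
    }
    END {
        # one summary line per distinct message, in order of first appearance
        for (i = 1; i <= n; i++) {
            k = order[i]
            printf "%dx %s (first %s, last %s)\n", count[k], k, first[k], last[k]
        }
    }'
}

# Sample input, abridged from the syslog and auth.log excerpts in this thread.
sample_log() {
cat <<'EOF'
Sep 14 22:30:02 MailServer /USR/SBIN/CRON[6535]: (root) CMD (/usr/sbin/univention-mrtg)
Sep 14 22:34:07 MailServer ntpd_intres[4549]: host name not found: BackupDC002.mydomain.nl
Sep 14 22:50:09 MailServer ntpd_intres[4549]: host name not found: BackupDC002.mydomain.nl
Sep 14 23:05:01 MailServer CRON[7009]: pam_unix(cron:session): session closed for user root
Sep 14 23:05:30 MailServer sshd[7037]: pam_krb5(sshd:session): pam_sm_open_session: entry
Sep 14 23:05:30 MailServer sshd[7037]: Accepted keyboard-interactive/pam for root from 10.0.0.205 port 61050 ssh2
Sep 14 23:06:12 MailServer ntpd_intres[4549]: host name not found: BackupDC002.mydomain.nl
EOF
}

sample_log | triage
```

On the server itself the same function can be fed the real files, for example `triage < /var/log/syslog`, ideally right after reproducing the refused connection.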

[quote=“ollikaa”]

Finally, one piece of advice. When you are posting logs, use code tags to make your post more readable. See here http://forum.univention.de/faq.php?mode=bbcode#f2r1[/quote]

Sorry for this mistake, next time I’ll follow this rule!

Could it be that the above issue is related to the S4 connector failure?
I found that I have an S4 connection failure; when I tried to start the service, I received an error message: “connector/s4/ldap/certificate not set”
And on the forum I found only an old German post related to the S4 connection, without a solution.

Hi goudduif,
please compare the time between your DC and your mailserver (use “date” or “hwclock” on commandline).

Is “BackupDC002.mydomain.nl” part of your domain?

Post the output of:

grep "server " /etc/ntp.conf

[quote=“ollikaa”]
please compare the time between your DC and your mailserver (use “date” or “hwclock” on commandline).

Is “BackupDC002.mydomain.nl” part of your domain?

Post the output of:

grep "server " /etc/ntp.conf
[/quote]

Time settings are not the case; when I compare the time, there’s not more than 10 sec difference.
BackupDC002 was down for maintenance at the time I ran the above task!
The issue only happens in the first days after a reboot of the mail server.
