Procedure for changing FQDN?

tessierp · July 28, 2020, 11:47pm

NethServer Version: 7.8

Is there an easy procedure to follow to change my nethserver’s FQDN? Keep in mind I do not have an account provider. It is greyed out right now and can’t do it from the interface.

royceb · July 28, 2020, 11:57pm

Super easy, the docs don’t have much info for Cockpit. System -> Dashboard-> Hostname/Alias.

tessierp · July 28, 2020, 11:58pm

It’s greyed out for me. So I’m guessing I’m using a functionality that prevents me from changing it. I am not using any account provider. So what could be locking this down? VPN?

royceb · July 29, 2020, 12:03am

That sounds odd and i am not sure. Maybe try the old web-admin interface? https://youriphere:980 Then under Configuration -> Server Name.

tessierp · July 29, 2020, 12:08am

That worked but it took me through the setup procedure, there were steps to configure the hostname, ssh, etc. Hostname was one of them. I was scared it was going to mess everything up. But it didn’t.

It worked, it did change my FQDN. I exited and entered again and I have the old interface. I can change the FQDN from there. Not from the new interface. I guess that is a bug?

royceb · July 29, 2020, 12:11am

I can’t really tell you for sure, I have not experienced something like that before. If you can reproduce it that would be interesting.

tessierp · July 29, 2020, 12:21am

Following my FQDN change, I can no longer run Reports, an update is failing.

{
“steps”: 4,
“pid”: 16345,
“args”: “”,
“event”: “nethserver-dante-update”
}
{
“step”: 1,
“pid”: 16345,
“action”: “S00initialize-default-databases”,
“event”: “nethserver-dante-update”,
“state”: “running”
}
{
“progress”: “0.25”,
“time”: “1.25216”,
“exit”: 0,
“event”: “nethserver-dante-update”,
“state”: “done”,
“step”: 1,
“pid”: 16345,
“action”: “S00initialize-default-databases”
}
{
“step”: 2,
“pid”: 16345,
“action”: “S03nethserver-dante-conf”,
“event”: “nethserver-dante-update”,
“state”: “running”
}
{
“progress”: “0.50”,
“time”: “0.185871”,
“exit”: 0,
“event”: “nethserver-dante-update”,
“state”: “done”,
“step”: 2,
“pid”: 16345,
“action”: “S03nethserver-dante-conf”
}
{
“step”: 3,
“pid”: 16345,
“action”: “S05generic_template_expand”,
“event”: “nethserver-dante-update”,
“state”: “running”
}
{
“progress”: “0.75”,
“time”: “0.328616”,
“exit”: 0,
“event”: “nethserver-dante-update”,
“state”: “done”,
“step”: 3,
“pid”: 16345,
“action”: “S05generic_template_expand”
}
{
“step”: 4,
“pid”: 16345,
“action”: “S90adjust-services”,
“event”: “nethserver-dante-update”,
“state”: “running”
}
{
“progress”: “1.00”,
“time”: “1.085144”,
“exit”: 256,
“event”: “nethserver-dante-update”,
“state”: “done”,
“step”: 4,
“pid”: 16345,
“action”: “S90adjust-services”
}
{
“pid”: 16345,
“status”: “failed”,
“event”: “nethserver-dante-update”
}
{
“type”: “GenericError”,
“id”: 1595981960,
“message”: “generic_error”
}

tessierp · July 29, 2020, 12:32am

Wow, I think I’ll use the admin page more often, I was able to remove the report module from there, from the Cockpit I didn’t see a way. But now, after uninstalling the Report module from the admin UI, httpd and httpd-admin fail to load, they crashed while uninstalling the Report module…

tessierp · July 29, 2020, 12:42am

Well whatever that did, it completely messed up everything…

I can no longer reach the cockpit or the admin ui.

tessierp · July 29, 2020, 12:52am

The ADMIN and Cockpit are down. No sure what happened but I think it has to do with getting in the admin UI on port 980. It asked me to reconfigure and I had no choice but to continue through. The reporting was not working. Removed that from the ADMIN UI after changing my FQDN and then httpd and httpd-admin services failed to start, I rebooted and I can’t access none of the UIs (Cockpit on 9090 and ADMIN on 980). Dead in the water.

The network still works for now but it seems I will have to start from scratch…

If anyone has ANY idea how to fix this, please let me know…

Is there ANYWAY I can restore a previous configuration through the CLI because that is the only thing I have access to??

tessierp · July 29, 2020, 1:01am

Managed to get everything by executing restore-backup from the CLI. My problem persists though, no way to change the FQDN.

tessierp · July 29, 2020, 1:49am

I’m not sure if others will have the same issues. After you install Nethserver and if you proceed to port 9090 (the Cockpit), once you have done your setup, execute a backup of your configure and then try and login on port 980 and execute the setup there as well. Restore from a known saved config, the one you backed up in the cockpit. At least for me, going into the admin UI caused my configuration to get lost. I managed to get going by restoring by backup from the CLI.

tessierp · July 29, 2020, 2:31am

Although my problems are fixed, one still remains, FQDN change is greyed out in the Cockput. What are the modules or components that would be preventing me from changing the name? I seem to be able to change it fine from the old ADMIN UI.

Also, I noticed a bug in the old ADMIN UI. It was asking me to configure a backup plan. I remembered that I did that in the Cockpit (new UI). I went and checked and it was there. Somehow, the OLD UI does not see this, so it is an inconsistency that is shown as disabled and if I check enable I can set 2 separate backup plans from the OLD and the NEW UI. I know this is a separate issue and will log it as a separate issue tomorrow.

michelandre · July 29, 2020, 3:23am

Hi Patrick,

In old UI and Cockpit there is backup config. I always use the old UI to save the config.

Create a user (toto) with full admin rights.
Make sure admin and toto have a password and ssh connect right for toto.
2a) Login to webmail - it will create toto mail directory.
Create a backup config of the original NethServer. (For the name => adjust the pop-up window to see more clearly).
Install LDAP provider local.
Check the password of admin and toto to make sure they are still working.
Uninsall LDAP to be able to change the server name. (users will be saved automatically)
Change the server name.
Reinstall the LDAP local (users will be restored automatically).
Just to be sure, create a new backup config.

Notes:
Each time a config of the server is changed in the day, at night the system will create a new backup config automatically.
If you restore a backup config, you will have the choice to (re)install missing modules. This option is checked by default.

That’s it - all should be working correctly.

Michel-André

mrmarkuz · July 29, 2020, 9:27am

Usually the FQDN is greyed out in Cockpit, when sssd is not enabled. That should be the case when no account provider is active.

Please check:

config show sssd

The legacy backup only supports one backup named “backup-data”, see the docs.

The multiple backup feature came along with the new server manager, meanwhile there are more features that are only available in new server manager (for example Threat shield, SSH settings, etc).
Ressources are limited so it’s not possible to maintain 2 server managers and implement new features in both.

I recommend to basically use the new server manager and only if something is not working as it should, try to workaround with legacy server manager and post here to fix it in cockpit.

tessierp · July 29, 2020, 11:22am

According to this output it seems to be enabled

sssd=service
AdDns=
DiscoverDcType=dns
LdapURI=
Provider=none
Realm=
ShellOverrideStatus=enabled
Workgroup=
status=enabled

So if I understood you correctly with this output, I shouldn’t have the FQDN greyed out? But mine is. I didn’t enable any providers even since I made this new install.

Any other tests I could run to figure out why it is greyed out?

Sounds good, I use the new server manager all the time. I only used the old one yesterday since it was suggested to me maybe I could change it from there which it did but caused a lot of other issues.

tessierp · July 29, 2020, 11:27am

Thanks for providing these steps. Fortunately for me, I didn’t need to go through any of that and would have preferred not to install LDAP on my main firewall / router. I was able to change it through the old UI.

If you are wondering why I am not installing a LDAP, last time I did, I had some issues when I created a user through the installation process and some things were not working as they should. I did raise the issue earlier this year. I just decided to wait until I have the infrastructure to create a separate LDAP or Active Directory server.

I think once you install LDAP and / or Active Directory, you’re stuck with it and can’t uninstall but seems from your step that is not true of LDAP, you can uninstall that one. Active Directory prevents you from changing your NIC bind after I think and even if you uninstall you have to reset your network config to change anything.

mrmarkuz · July 29, 2020, 11:57am

My fault, the other way round :

The FQDN is greyed out in Cockpit, when sssd is enabled because hostname change is not possible with a running account provider.

So let’s disable it in the config db:

config setprop sssd status disabled

tessierp · July 29, 2020, 12:14pm

Ahh I see… Let me ask this before. What could have enabled this? What are the possibilities if I never activated LDAP or AD?

Any side effects if I disable it on my current config?

Also, I guess the old UI does not depend on this condition for availability?

mrmarkuz · July 29, 2020, 12:31pm

You may have enabled it at the services page (during troubleshooting).

No, if you don’t use an account provider you can safely disable sssd.

True, there should be no issues.